Gate News reports that on March 19, the security platform OX Security revealed that developers of the AI agent project OpenClaw are becoming targets of cryptocurrency phishing activities. Attackers created fake GitHub accounts, initiated issues in repositories they control, @-mentioned dozens of developers, claimed they had won a $5,000 CLAW token reward, and directed victims to a clone website nearly identical to openclaw.ai. This phishing site added a “Connect Wallet” button aimed at stealing connected wallet assets. Malicious code was hidden in deeply obfuscated JavaScript files, equipped with a “nuke” function to clear browser local storage data to hinder forensic analysis, and encoded wallet addresses, transaction amounts, and other information to send back to C2 servers. Researchers identified a suspicious crypto wallet address likely used to receive stolen funds. The related account was created last week and deleted within hours; no victims have been confirmed so far. Due to its high profile, OpenClaw has become a target for scammers, and its Discord community has previously experienced大量加密货币垃圾信息. Previously, the founder of OpenClaw warned users to beware of cryptocurrency scam emails impersonating OpenClaw.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Kelp DAO refutes LayerZero criticism; Aave bad debt reaches up to $230 million
Kelp DAO issued a statement on April 21 rebutting LayerZero’s criticism of its 1/1 DVN configuration, pointing the root responsibility for the $292 million vulnerability in this incident to LayerZero’s infrastructure. Aave released an event impact assessment report: under a scenario where losses are evenly distributed, about $124 million; under a scenario where losses are concentrated on L2, they reach up to $230 million.
MarketWhisper50m ago
DefiLlama denies exaggerated claims about the metrics, saying that Aave data has been excluded from the circulating liquidity calculation
KelpDAO’s vulnerability caused Aave’s total value locked (TVL) to fall from $26.4 billion on April 18, 2026, to about $17 billion on April 21, and after DefiLlama founder 0xngmi officially responded on the X platform to accusations that its Aave TVL figures were inflated by circular liquidity, he said that the amount of borrowed tokens has been deducted from the TVL.
MarketWhisper1h ago
Dune Analysis: 47% of LayerZero OApps Use Minimum 1-of-1 DVN Security Configuration
Analysis of LayerZero OApps post-KelpDAO hack reveals significant security issues, with 47% using the least secure 1-of-1 DVN tier. KelpDAO’s rsETH token also operates at this vulnerable level, exposing risks in single-validator architectures.
GateNews2h ago
Claude Desktop Installation Reportedly Writes Backdoor File to Chromium-Based Browsers
The Claude Desktop application by Anthropic installs a backdoor file in Chromium-based browsers without user consent, posing serious security and privacy risks by potentially allowing attackers to control users' browsers.
GateNews4h ago
Chinese National Arrested at Buenos Aires Airport for $49.4M Crypto Fraud Scheme
A Chinese national was arrested in Argentina for carrying a forged Paraguayan passport. He is wanted for orchestrating a $49.4 million cryptocurrency fraud in Nigeria, and extradition proceedings are being initiated.
GateNews4h ago
Lido EarnETH Vault Exposed to $21.6M rsETH Following Kelp Bridge Exploit, DAO Sets $3M Loss Protection
On April 18, a Kelp cross-chain bridge exploit led to the theft of $292 million in rsETH. Lido reported $21.6 million in exposure via its EarnETH vault, prompting Aave to freeze relevant markets. EarnETH has paused transactions and is deleveraging, while Lido's DAO treasury implemented a $3 million protection mechanism to cover potential losses. The core staking protocol remains unaffected.
GateNews4h ago
