In many ways, OpenClaw signifies the next phase in artificial intelligence. Its appeal stems from its architecture: the AI agent operates locally on a user’s device, allowing for autonomous interaction with applications and task performance.
The platform’s promise has garnered significant consumer interest, leading to reported increases in prices in China’s secondhand MacBook market, according to CNBC reports. This surge in popularity, however, has also attracted cybercriminals’ attention.
According to OX Security, bad actors have been contacting many OpenClaw developers via GitHub, informing them that they had been selected to receive $5,000 of CLAW tokens. Those who engaged were redirected to a convincing replica of OpenClaw’s official website, modified to include a “connect your wallet” prompt.
Connecting their crypto wallet could potentially allow bad actors to drain its contents.
Many Red Flags
Despite the apparent legitimacy of both the message and the site, the campaign contains several clear red flags. Notably, while many platforms issue governance tokens or cryptocurrencies, OpenClaw does not—meaning there is no such thing as a CLAW token.
The OpenClaw creator, Peter Steinberger, has stated that any crypto-related outreach claiming to originate from the project is fraudulent. The platform was designed as an open-source, non-commercial initiative and doesn’t conduct giveaways or promotional campaigns.
Capitalizing on Newness
Phishing schemes impersonating popular brands are a staple in cybercriminals’ tactics. While many users might dismiss a similar message from a more familiar organization, criminals are exploiting OpenClaw’s novelty—targeting users intrigued by its capabilities but not yet fully familiar with how it operates.
As AI expands in capability and reach, concerns around fraud and abuse are likely to grow in parallel. Jensen Huang, CEO of Nvidia, has described OpenClaw as “the next ChatGPT” and “the largest, most popular, the most successful open-sourced project in the history of humanity.” With such visibility and access to core device functions, security threats on the platform could carry particularly far-reaching consequences.