GitHub phishers use fake OpenClaw tokens to drain crypto wallets
Summary
Threat actors are conducting a phishing campaign on GitHub, leveraging the popularity of OpenClaw to lure developers with fake crypto token airdrops. Attackers create or hijack repositories, post misleading issues, and direct victims to cloned websites to steal cryptocurrency wallet information.
IFF Assessment
This campaign exploits developer trust and uses social engineering to steal cryptocurrency, representing a direct threat to users and their assets.
Defender Context
Defenders should be aware of social engineering tactics targeting developers, particularly those involving cryptocurrency and popular platforms like GitHub. It's crucial to educate users about the risks of unsolicited token airdrops and the importance of verifying website legitimacy before connecting wallets.