Particle.news

OpenClaw Developers Targeted by GitHub Phishing Using Fake $CLAW Airdrops

Researchers report a cloned site running an obfuscated wallet drainer with no confirmed thefts to date.

Overview

  • Attackers created bogus GitHub accounts, tagged OpenClaw contributors with promises of $5,000 in $CLAW tokens, and linked them to a site mimicking openclaw.ai.
  • OX Security deobfuscated a script named eleven.js that exfiltrated wallet data to a command-and-control server, tracked transaction states such as PromptTx, Approved, and Declined, and included a "nuke" routine to wipe evidence of its activity.
  • Investigators flagged token-claw.xyz as the phishing site and watery-compost.today as the C2 infrastructure used for data collection.
  • Targets appeared to be selected from users who starred OpenClaw repositories, while the attacker accounts were newly created and deleted within hours to hinder forensics.
  • One suspected attacker wallet (0x6981E9EA7023a8407E4B08ad97f186A5CBDaFCf5) was identified but showed no transactions; recommended mitigations include blocking the listed domains and revoking any recent wallet approvals.