Security firm OX Security detected an active phishing campaign targeting GitHub developers. Attackers impersonated the OpenClaw project by creating Issues in controlled repositories and tagging numerous developers, claiming they were selected to claim CLAW tokens worth $5000 in rewards. The bait links redirected users to a highly counterfeit Openclaw phishing website, which lured users into granting authorization through a "Connect Wallet" button. Once connected, malicious scripts executed withdrawal and authorization commands to transfer user assets.