The agents are popular, so the scammers are hunting their builders.

The Summary

The Signal

Here's what happens when AI tooling goes mainstream fast. OpenClaw's rapid adoption created a concentrated target pool of developers who likely hold crypto and work in GitHub daily. The attack vector is smart: developers expect ecosystem rewards, airdrops are common in crypto-adjacent platforms, and $5,000 is small enough to be believable but large enough to be worth a click.

The phishing campaign specifically exploits the intersection of developer workflow and crypto holdings. GitHub is trusted territory. An airdrop notification there doesn't trigger the same alarm bells as a random Discord DM. The cloned site adds a wallet connection step that looks routine if you're used to Web3 tooling, but that handshake is the killshot. Once you connect, the attacker has access.

This isn't random spray-and-pray phishing. It's targeted social engineering aimed at people building with a specific platform. As AI agent frameworks proliferate and overlap more with crypto infrastructure, this attack pattern scales. Every popular AI tool with a developer community and any tangential crypto connection becomes a fishing hole. The scammers are banking on developers moving fast, trusting ecosystem communications, and having wallets connected to the same machines where they code.

The Implication

If you're building with any AI platform that touches crypto, Web3, or has a token, treat every airdrop message as hostile until proven otherwise. Verify through official channels only. Use hardware wallets for anything that matters. And if you're running an AI platform, get ahead of this: publish a page listing every legitimate way you will and won't contact developers. Make it dead simple to verify authenticity. The attackers are already here.


Sources: The Block | Decrypt