Phishing Attack Disguises as GitHub Discussion
Cybercriminals send fake GitHub emails with alleged OpenClaw statistics. Victims are lured into wallet connections to steal cryptocurrencies.
GitHub Discussion as Bait for Crypto Theft
Cybercriminals have launched a sophisticated phishing campaign disguised as official GitHub discussion emails. The attack uses the subject line "OpenClaw GitHub Contributors Distribution" and mimics the layout and design of the well-known developer platform.
Professional Forgery with Dangerous Intent
The fake emails look deceptively authentic and contain a link that supposedly leads to a GitHub discussion about OpenClaw project contributions. In reality, the link directs victims to a malicious website designed to lure users into connecting their cryptocurrency wallets.
Drainer Scam Through Wallet Connection
Once victims connect their wallet, a "drainer" - malicious software - activates automatically, transferring all available cryptocurrencies from the victim's wallet to the attackers' account. This process happens within seconds and is nearly impossible to reverse.
Community Security Warnings
The OpenClaw community strongly warns against responding to such emails or connecting wallets. "Never open links in suspicious emails and never share your wallet credentials," is the clear recommendation. Affected users should also change their passwords and monitor their accounts.
Attackers' Methodology
The criminals employ a common social engineering technique: they create the impression of official GitHub communication. The topic "Contributors Distribution" suggests a professional analysis of the OpenClaw project, which increases recipients' trust.
Protection Measures and Prevention
Experts recommend always verifying emails for authenticity, especially those containing links or wallet connection requests. Official GitHub communication typically occurs through the GitHub portal rather than email. Users should also enable two-factor authentication and only connect wallets through trusted sources.