TechFlow News: On March 19, according to Decrypt, security platform OX Security disclosed a phishing attack targeting OpenClaw developers. The attackers created fake GitHub accounts and lured developers to a counterfeit openclaw.ai website by offering $5,000 worth of $CLAW tokens as bait. Once developers connected their wallets to the site, the attackers stole their funds. Malicious code was concealed within a highly obfuscated JavaScript file named “eleven.js” and exfiltrated wallet addresses, transaction amounts, and other data via a standalone command-and-control (C2) server. The attackers appear to have used GitHub’s star feature to precisely identify target users. All related accounts were deleted within hours of going live; no victims have been confirmed so far.
Risk Disclosure: This website's content is not investment advice and offers no trading guidance or related services. Per regulations from the PBOC and other authorities, users must be aware of virtual currency risks. Contact us / support@techflowpost.com ICP License: 琼ICP备2022009338号
