Scam Alert: Fake GitHub Airdrop Targets CLAW Token Users
Scam Details
A fake GitHub airdrop scam is targeting users with promises of $CLAW tokens for GitHub contributions. According to the source, the scam operates through the following mechanism:
- Users receive messages claiming they've been "selected" for a $CLAW airdrop based on their GitHub activity
- The scam directs users to connect their wallets through a random Google share link
- This Google link redirects to a shady .xyz website
- The fake GitHub discussion where users get tagged and receive GitHub emails is at:
https://github.com/highwayskinkjump/OpenClawEco-4828884/discussions/7
Security Warning
This is identified as a wallet-draining phishing scam. The source explicitly warns:
- Do NOT connect your wallet to any links from this scam
- Do NOT sign any transactions or approvals
- The use of a Google share link followed by redirection to a .xyz domain is a common phishing tactic
GitHub-based airdrop scams typically work by creating fake repositories or discussions that appear legitimate, then using GitHub's notification system to reach potential victims. Once users connect their wallets through the provided link, the scam site can request permissions that allow attackers to drain funds.
📖 Read the full source: r/openclaw
👀 See Also
AI Vulnerability Discovery Outpacing Patch Deployment Times
A security expert argues that AI tools like Mythos will find vulnerabilities faster than fixes can be deployed, citing Log4j data showing average remediation times of 17 days and a decade-long elimination timeline.
Three Email-Based Attack Vectors Against AI Agents That Read Email
A Reddit post details three specific methods attackers can use to hijack AI agents that process email: Instruction Override, Data Exfiltration, and Token Smuggling. These exploit the agent's inability to distinguish legitimate instructions from malicious ones embedded in email text.
Claude Code Identifies Malware Backdoor in GitHub Repo During Technical Audit
A developer used Claude Code to audit a GitHub repository before execution and discovered a remote code execution backdoor in src/server/routes/auth.js that would have compromised their machine. The prompt requested a technical due diligence audit checking project completeness, AI/ML layer, database, authentication, backend services, frontend, code quality, and effort estimate.
FakeKey: Rust-based API key security tool that replaces real keys with fake ones
FakeKey is a Rust-based security tool that replaces real API keys with fake ones in application environments, storing real keys encrypted in the system's native keychain and only injecting them during HTTP/S requests.