In brief
- Attackers used fake GitHub accounts to tag developers, claiming they had won $5,000 in $CLAW tokens and directing them to a cloned OpenClaw site.
- OX Security said the phishing page used heavily obfuscated JavaScript and a separate C2 server to drain connected wallets and hide activity.
- Read Full Article at Source
