Cyber Threats

Introduction

This report analyzes a targeted phishing campaign whose messages passed SPF, DKIM, and DMARC checks because they genuinely originated from GitHub's notification infrastructure, with Google's sharing links used to mask the final destination.

With AI automation tools such as OpenClaw in high demand, threat actors are targeting developers who follow the project's open-source repository, aiming to drain their Web3 wallets with promises of a fraudulent airdrop.

TTP Analysis

Discovery and Target Identification

Attackers used open-source intelligence methods and the GitHub API to scrape the profiles of developers who starred or contributed to specific repositories (such as OpenClaw). This gave them a high-value target list of individuals likely to hold crypto wallets and likely to respond to an airdrop lure.

Weaponization and Distribution

To avoid detection, the attackers used a "living-off-the-land" tactic, triggering GitHub's own notification system instead of sending emails directly. Hundreds of targeted users were mentioned simultaneously in a discussion opened in a fake repository.

These notifications, sent from GitHub's "[email protected]" address, reached the targets' inboxes without being caught by spam filters, because the sending domain is GitHub's own and carries high reputation.

The image shows hundreds of users being tagged using legitimate GitHub infrastructure, and a fake airdrop link being masked via Google Share.

Obfuscation & Open Redirect

The link in the email takes the form "https://share.google/…" to gain the victims' trust. It is, however, an open redirect (see "Use of Proxy Method in Phishing Attacks"): the Google service forwards the victim straight to the malicious infrastructure (token-claw[.]xyz), so the trusted domain acts as a proxy for the attacker's.

Exploitation / Wallet Drainer

When the victim reaches the redirected phishing site, they are greeted with a polished interface that mimics the legitimate look of the project. The sole purpose of the site is to get the victim to connect their Web3 wallet. The fake OpenClaw airdrop page is designed to convince the victim to do exactly that:

When the victim clicks the Connect Wallet button, a Wallet Drainer kit is activated in the background. The drainer interface offers options such as WalletConnect, MetaMask, etc.

At this stage, as soon as the victim connects their wallet and approves the signing request (usually a confirmation prompt that hides an "eth_sign" blind signature or a "SetApprovalForAll" call), all valuable tokens and NFTs in the wallet are transferred to the attacker's smart contract automatically.

IOCs

Type            Value                                      Description
Domain          token-claw[.]xyz                           Main phishing and drainer domain.
URL             https://share.google/XeflUUmaYsHQqZGh3     The URL being exploited for redirection.
URL parameter   ?_r=54969e16                               Campaign/victim tracking parameter on the phishing site.
GitHub repo     Phaseflonippers37/ClawCommunity-1914064    The fake source repository used for distribution.
Sender e-mail   [email protected]                          The legitimate sender address being exploited (not spoofing).

MITRE ATT&CK Mapping

TTP ID                                              Description
T1566.002: Phishing                                 Using a Google Share link.
T1583.006: Acquire Infrastructure: Web Services     Using GitHub repositories and Google Share infrastructure.
T1059: Command and Scripting Interpreter            A JavaScript-based drainer payload on the phishing site.
T1190: Exploit Public-Facing Application            Exploiting the victim's Web3 wallet interface.

Conclusion

This campaign clearly demonstrates how threat actors in the Web3 ecosystem are weaponizing the authority of legitimate platforms (GitHub, Google) to get past traditional email security. The careful selection of the target audience by scraping GitHub shows that the attack was designed to maximize its success rate.

  • Individual Precaution: Do not trust any GitHub mention notification containing airdrop or token claims, even if the sender appears trustworthy ([email protected]). Analyze links in an isolated environment.
  • Technical Precaution: Use a cold wallet for Web3 transactions and reject every signing request whose content you cannot read (blind signatures).
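One wallet-side control that follows from the drainer flow described under Exploitation and the "reject blind signatures" precaution above is to screen the JSON-RPC requests a dApp sends to the wallet provider before anything is signed. The code below is an added example, not from the report or the project; the request shape, the `trusted_operators` list and the sample calldata are constructed for illustration, while the two 4-byte selectors are the standard ABI identifiers for `setApprovalForAll(address,bool)` and `approve(address,uint256)`.

```python
# Added example (not from the report); request shapes and sample calldata are constructed.
# 4-byte ABI selectors: first 4 bytes of keccak256 over the function signature.
SET_APPROVAL_FOR_ALL = "a22cb465"   # setApprovalForAll(address,bool), ERC-721/1155
APPROVE = "095ea7b3"                # approve(address,uint256), ERC-20/721

def _hex_body(value: str) -> str:
    """Lower-case hex without the 0x prefix ('' for an empty data field)."""
    value = (value or "").lower()
    return value[2:] if value.startswith("0x") else value

def decode_set_approval_for_all(data: str):
    """Return (operator, approved) from setApprovalForAll calldata, else None."""
    d = _hex_body(data)
    if len(d) != 8 + 64 + 64 or d[:8] != SET_APPROVAL_FOR_ALL:
        return None
    operator = "0x" + d[32:72]           # address sits right-aligned in word 1
    approved = int(d[72:136], 16) != 0   # bool is word 2
    return operator, approved

def screen_request(req: dict, trusted_operators=()) -> tuple:
    """Classify one provider request as ('reject' | 'warn' | 'allow', reason)."""
    method = req.get("method", "")
    params = req.get("params") or []
    if method == "eth_sign":
        # eth_sign signs an arbitrary 32-byte hash the user cannot read.
        return "reject", "eth_sign is a blind signature over an opaque hash"
    if method in ("eth_sendTransaction", "eth_signTransaction") and params:
        tx = params[0]
        data = _hex_body(tx.get("data", ""))
        selector = data[:8]
        if selector == SET_APPROVAL_FOR_ALL:
            decoded = decode_set_approval_for_all(data)
            trusted = {o.lower() for o in trusted_operators}
            if decoded and decoded[1] and decoded[0] not in trusted:
                return "reject", f"setApprovalForAll hands every token in {tx.get('to')} to {decoded[0]}"
            return "warn", "setApprovalForAll to a trusted operator, or a revocation"
        if selector == APPROVE:
            return "warn", "approve(): verify spender and amount before signing"
        if selector:
            return "warn", f"unrecognised selector 0x{selector}; compare with the contract ABI"
        return "allow", "plain value transfer, no calldata"
    return "allow", f"{method} is not a signing request"

# Constructed sample: setApprovalForAll(0xbeef...beef, true) sent to an NFT contract.
SAMPLE_CALLDATA = "0x" + SET_APPROVAL_FOR_ALL + "0" * 24 + "beef" * 10 + "0" * 63 + "1"
SAMPLE_REQUEST = {"method": "eth_sendTransaction",
                  "params": [{"to": "0x" + "11" * 20, "data": SAMPLE_CALLDATA}]}
```

Calling `screen_request(SAMPLE_REQUEST)` yields a reject verdict naming the operator that would gain control of the collection, which is the decision a wallet or browser extension should surface instead of a generic "confirm" dialog.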

Author

Cyberthint

Cyberthint is a unified cyber threat intelligence platform. Everything you need is on a single platform! With Cyberthint, you can monitor and identify advanced threats and take early action.
