On February 22, 2026, OpenClaw creator Peter Steinberger confirmed a total ban on cryptocurrency discussions in the project’s Discord server. The reason? A fake token called $CLAWD that scammers used to steal millions from unsuspecting users.

Here’s exactly what happened, why OpenClaw responded this way, and what you should know to stay safe.

The Rebrand Window Exploit

When OpenClaw received a trademark notice about its original name, the team went through a rebrand. During the brief window between releasing old social media handles and claiming new ones, scammers seized the abandoned accounts.

Using these hijacked handles — which still had followers who associated them with the project — the attackers promoted a Solana-based token called $CLAWD.

The Pump and Dump

The fake token surged to approximately $16 million in market capitalization within hours. Early buyers piled in, believing the token was officially connected to one of the fastest-growing open-source projects in history.

Then it crashed more than 90%.

Steinberger publicly denied any involvement and warned users he would never launch a cryptocurrency. But by then, the damage was done. Some early buyers blamed Steinberger himself, despite the scam being entirely orchestrated by third parties.

OpenClaw’s Response: Zero Tolerance

The project now enforces a strict no crypto mention whatsoever policy on its Discord server. Even legitimate technical references to cryptocurrency — like using Bitcoin block height as a timing mechanism in benchmarks — can result in removal.

Steinberger has acknowledged this is aggressive but considers it necessary given the ongoing risk. Users who are accidentally caught by the policy can email to have their access restored.

The Broader Security Picture

The $CLAWD scam isn’t an isolated incident. Security researchers have identified:

  • Hundreds of exposed OpenClaw instances accessible on the open internet
  • Dozens of malicious plugins (skills) designed specifically to target crypto traders
  • A compromised npm package that silently installed OpenClaw on developer machines
  • The first documented real-world infostealer targeting OpenClaw config files (reported by Hudson Rock)

OpenClaw v2026.2.19 included 40+ security patches addressing credential theft, config file traversal, session bugs, Discord privilege escalation, SSRF hardening, and device management vulnerabilities.

How to Protect Yourself

Never Trust Crypto Claims

OpenClaw has no official token, coin, or cryptocurrency. Period. Any token claiming association with OpenClaw or its creator is fraudulent.

Secure Your Instance

If you’re running OpenClaw:

  1. Don’t expose it to the internet — keep it behind a firewall or VPN
  2. Review installed skills — only use skills from trusted sources on ClawHub
  3. Update regularly — security patches ship frequently
  4. Use allowlists — restrict which URLs your agent can access via cron job allowlists
  5. Check your config — ensure credentials aren’t stored in plaintext accessible locations

Verify Official Channels

The only official OpenClaw channels are:

If someone contacts you about OpenClaw from any other account, treat it as suspicious.

What This Means for the Community

The crypto scam is an unfortunate side effect of OpenClaw’s explosive growth — 200,000+ GitHub stars in weeks makes it a prime target for social engineering attacks.

The zero-tolerance Discord policy may feel heavy-handed, but it reflects a clear priority: protecting the community over preserving discussion breadth. For a project whose core value is running autonomous agents with access to your personal data and tools, this security-first posture is the right call.

If you’re building with OpenClaw, the lesson is simple: the same qualities that make it powerful — always-on autonomy, tool access, messaging integration — also make it a target. Secure your setup accordingly.

For more on OpenClaw security, read our complete security guide, the February 2026 security roundup, and our guardrails setup guide.