{“lastseen”:”2026-01-29T16:05:13″,”description”:”After the viral AI assistant **Clawdbot** was forced to rename to **Moltbot** due to a trademark dispute, opportunists moved quickly. Within days, typosquat domains and a cloned GitHub repository appeared\u2014impersonating the project\u2019s creator and positioning infrastructure for a potential supply-chain attack.\\n\\nThe code is clean. The infrastructure is not. With the GitHub downloads and star rating rapidly rising, we took a deep dive into how fake domains target viral open source projects.\\n\\n\\n\\n## The background: Why was Clawdbot renamed?\\n\\nIn early 2026, Peter Steinberger\u2019s **Clawdbot** became one of the fastest-growing open source projects on GitHub. The self-hosted assistant\u2014described as \u201cClaude with hands\u201d\u2014allowed users to control their computer through WhatsApp, Telegram, Discord, and similar platforms.\\n\\nAnthropic later objected to the name. Steinberger complied and rebranded the project to **Moltbot** (\u201cmolt\u201d being what lobsters do when they shed their shell).\\n\\nDuring the rename, both the GitHub organization and X (formerly Twitter) handle were briefly released before being reclaimed. Attackers monitoring the transition grabbed them within seconds.\\n\\n\\n\\n\u201cHad to rename our accounts for trademark stuff and messed up the GitHub rename and the X rename got snatched by crypto shills.\u201d \u2014 Peter Steinberger\\n\\nThat brief gap was enough.\\n\\n## Impersonation infrastructure emerged\\n\\nWhile investigating a suspicious repository, I uncovered a coordinated set of assets designed to impersonate Moltbot.\\n\\n**Domains**\\n\\n * moltbot[.]you\\n * clawbot[.]ai\\n * clawdbot[.]you\\n\\n\\n\\n**Repository**\\n\\n * github[.]com\/gstarwd\/clawbot \u2014 a cloned repository using a typosquatted variant of the former Clawdbot project name\\n\\n\\n\\n**Website**\\n\\nA polished marketing site featuring:\\n\\n * professional design closely matching the real project\\n * SEO optimization and structured metadata\\n * download buttons, tutorials, and FAQs\\n * claims of 61,500+ GitHub stars lifted from the real repository\\n\\n\\n\\n## **Evidence of impersonation**\\n\\n**False attribution** : The site\u2019s schema.org metadata falsely claims authorship by Peter Steinberger, linking directly to his real GitHub and X profiles. This is explicit identity misrepresentation.\\n\\n\\n\\n**Misdirection to an unauthorized repository** : \u201cView on GitHub\u201d links send users to gstarwd\/clawbot, not the official moltbot\/moltbot repository.\\n\\n**Stolen credibility** :The site prominently advertises tens of thousands of stars that belong to the real project. The clone has virtually none (although at the time of writing, that number is steadily rising).\\n\\n\\n\\n**Mixing legitimate and fraudulent links** : Some links point to real assets, such as official documentation or legitimate binaries. Others redirect to impersonation infrastructure. This selective legitimacy defeats casual verification and appears deliberate.\\n\\n**Full SEO optimization** : Canonical tags, Open Graph metadata, Twitter cards, and analytics are all present\u2014clearly intended to rank the impersonation site ahead of legitimate project resources.\\n\\n**The ironic security warning** : The impersonation site even warns users about scams involving fake cryptocurrency tokens\u2014while itself impersonating the project.\\n\\n\\n\\n* * *\\n\\n## **Code analysis: Clean by design**\\n\\nI performed a static audit of the gstarwd\/clawbot repository:\\n\\n * no malicious npm scripts\\n * no credential exfiltration\\n * no obfuscation or payload staging\\n * no cryptomining\\n * no suspicious network activity\\n\\n\\n\\nThe code is functionally identical to the legitimate project, which is not reassuring.\\n\\n## **The threat model**\\n\\nThe absence of malware is the strategy. Nothing here suggests an opportunistic malware campaign. Instead, the setup points to early preparation for a supply-chain attack.\\n\\n**The likely chain of events:**\\n\\nA user searches for \u201cclawbot GitHub\u201d or \u201cmoltbot download\u201d and finds moltbot[.]you or gstarwd\/clawbot.\\n\\nThe code looks legitimate and passes a security audit.\\n\\nThe user installs the project and configures it, adding API keys and messaging tokens. Trust is established.\\n\\nAt a later point, a routine update is pulled through npm update or git pull. A malicious payload is delivered into an installation the user already trusts.\\n\\nAn attacker can then harvest:\\n\\n * Anthropic API keys\\n * OpenAI API keys\\n * WhatsApp session credentials\\n * Telegram bot tokens\\n * Discord OAuth tokens\\n * Slack credentials\\n * Signal identity keys\\n * full conversation histories\\n * command execution access on the compromised machine\\n\\n\\n\\n## **What\u2019s malicious, and what isn\u2019t**\\n\\n**Clearly malicious**\\n\\n * false attribution to a real individual\\n * misrepresentation of popularity metrics\\n * deliberate redirection to an unauthorized repository\\n\\n\\n\\n**Deceptive but not yet malware**\\n\\n * typosquat domains\\n * SEO manipulation\\n * cloned repositories with clean code\\n\\n\\n\\n**Not present (yet)**\\n\\n * active malware\\n * data exfiltration\\n * cryptomining\\n\\n\\n\\nClean code today lowers suspicion tomorrow.\\n\\n## **A familiar pattern**\\n\\nThis follows a well-known pattern in open source supply-chain attacks.\\n\\nA user searches for a popular project and lands on a convincing-looking site or cloned repository. The code appears legitimate and passes a security audit.\\n\\nThey install the project and configure it, adding API keys or messaging tokens so it can work as intended. Trust is established.\\n\\nLater, a routine update arrives through a standard npm update or git pull. That update introduces a malicious payload into an installation the user already trusts.\\n\\nFrom there, an attacker can harvest credentials, conversation data, and potentially execute commands on the compromised system.\\n\\nNo exploit is required. The entire chain relies on trust rather than technical vulnerabilities.\\n\\n## **How to stay safe**\\n\\nImpersonation infrastructure like this is designed to look legitimate long before anything malicious appears. By the time a harmful update arrives\u2014if it arrives at all\u2014the software may already be widely installed and trusted.\\n\\nThat\u2019s why basic source verification still matters, especially when popular projects rename or move quickly.\\n\\n**Advice for users**\\n\\n * Verify GitHub organization ownership\\n * Bookmark official repositories directly\\n * Treat renamed projects as higher risk during transitions\\n\\n\\n\\n**Advice for maintainers**\\n\\n * Pre-register likely typosquat domains before public renames\\n * Coordinate renames and handle changes carefully\\n * Monitor for cloned repositories and impersonation sites\\n\\n\\n\\n**Pro tip: Malwarebytes customers are protected.** Malwarebytes is actively blocking all known indicators of compromise (IOCs) associated with this impersonation infrastructure, preventing users from accessing the fraudulent domains and related assets identified in this investigation.\\n\\n* * *\\n\\n**We don\u2019t just report on threats\u2014we remove them**\\n\\nCybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.”,”published”:”2026-01-29T14:26:42″,”modified”:”2026-01-29T14:26:42″,”type”:”malwarebytes”,”title”:”Clawdbot\u2019s rename to Moltbot sparks impersonation campaign”,”source”:””,”references”:””,”id”:”MALWAREBYTES:B9EB94C49D6559E91FA22E6CEDB79821″,”bulletinFamily”:”blog”,”cwe”:null,”cvelist”:[],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/www.malwarebytes.com\/blog\/threat-intel\/2026\/01\/clawdbots-rename-to-moltbot-sparks-impersonation-campaign”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2026-01-29T16:05:13″,”description”:”After the viral AI assistant **Clawdbot** was forced to rename to **Moltbot** due to a trademark dispute, opportunists moved quickly. Within days, typosquat domains and…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,12,115,13,33,7,11,5],"class_list":["post-38138","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-exploit","tag-malwarebytes","tag-news","tag-none","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n