Clawdbot Chaos: A Forced Rebrand, Crypto Scam and 24-Hour Meltdown

Summary

Clawdbot, a popular open-source AI assistant that runs locally and interfaces with messaging apps, was recently forced to rebrand as Moltbot after Anthropic filed a trademark claim alleging similarity to its Claude model. During the rebrand, scammers hijacked the old GitHub and X accounts and used them to promote a fake CLAWD token that peaked at a $16 million market cap before collapsing, leaving late investors with losses. Project founder Peter Steinberger denied any association with the token and urged users to avoid such scams. At the same time, security researchers found hundreds of Clawdbot installations exposed online with little to no authentication, mainly because default settings auto-authorize localhost connections, a behavior that can be exploited when the assistant is used behind a reverse proxy. These vulnerabilities create risks of credential theft, remote code execution, and unauthorized access. Despite the chaos, Moltbot (formerly Clawdbot) remains available, but significant security issues persist. The episode highlights the dangers of rapid viral growth without adequate security controls, especially as tech stacks grow more complex and attackers look for exploitable openings.
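The localhost auto-authorization weakness described in the summary, shown as an added illustration that is not Clawdbot's or Moltbot's own code: a check that trusts the loopback peer address beside a hardened check that always accepts a token and refuses the loopback bypass when proxy forwarding headers are present. All function names, config fields, the token and the request objects are constructed assumptions.

```javascript
// Added illustration; request objects are constructed, shaped like Node's
// req.socket.remoteAddress and req.headers. All names are hypothetical.
const FORWARD_HEADERS = ["x-forwarded-for", "forwarded", "x-real-ip"];

function isLoopback(addr) {
  const a = String(addr || "").replace(/^::ffff:/i, ""); // IPv4-mapped IPv6
  return a === "::1" || /^127\.\d{1,3}\.\d{1,3}\.\d{1,3}$/.test(a);
}

// Weak pattern: the TCP peer is loopback, so the caller is treated as local.
// Behind a same-host reverse proxy, every remote client has a loopback peer.
function naiveAuthorize(req) {
  return isLoopback(req.remoteAddress);
}

// Token comparison that does not stop at the first differing character.
function safeEqual(a, b) {
  let diff = a.length ^ b.length;
  for (let i = 0; i < Math.max(a.length, b.length); i++) {
    diff |= (a.charCodeAt(i) || 0) ^ (b.charCodeAt(i) || 0);
  }
  return diff === 0;
}

// Hardened pattern: a valid token always works; the loopback bypass is opt-in
// and is refused as soon as any proxy forwarding header is present.
function hardenedAuthorize(req, cfg) {
  const presented = (req.headers["authorization"] || "").replace(/^Bearer /, "");
  if (presented && safeEqual(presented, cfg.token)) return true;
  if (!cfg.allowLoopbackBypass) return false;
  const proxied = FORWARD_HEADERS.some((h) => h in req.headers);
  return isLoopback(req.remoteAddress) && !proxied;
}

// Constructed sample configuration and requests (documentation IP range).
const cfg = { token: "constructed-example-token", allowLoopbackBypass: true };
const viaProxy = { remoteAddress: "127.0.0.1", headers: { "x-forwarded-for": "203.0.113.7" } };
const localCli = { remoteAddress: "::1", headers: {} };
const withToken = { remoteAddress: "127.0.0.1",
  headers: { "x-forwarded-for": "203.0.113.7", authorization: "Bearer constructed-example-token" } };

function demo() {
  return [viaProxy, localCli, withToken].map((r) => ({
    naive: naiveAuthorize(r), hardened: hardenedAuthorize(r, cfg) }));
}
console.log(demo());
```

The header check is only a heuristic, since a proxy that sets no forwarding headers still looks local; for any deployment behind a reverse proxy the bypass flag in this sketch should be off so that every request needs the token.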