AI assistant Clawdbot was renamed Moltbot due to trademark issues, leading to impersonation campaigns. Attackers exploited the transition by creating typosquat domains and a cloned, clean code GitHub repository to mislead users, aiming for potential supply-chain attacks. Despite no immediate malware, the impersonation strategy relies on trust, risking users' API keys and data over time. Users are advised to verify sources and maintain scrutiny during transitions, while maintainers should preemptively secure domains and manage renames carefully.
Clawdbot’s Rename to Moltbot Sparks Impersonation Campaign

