Clawdbot → Moltbot: The Rebrand Drama That Exposed How Fragile Viral Open-Source Really Is

Hey everyone, it’s January 28, 2026, and if you followed my last post on Clawdbot, you know I was pretty hooked on this thing. Well, plot twist: it’s no longer Clawdbot. As of yesterday (Jan 27), it’s officially Moltbot—same lobster soul, new shell. Peter Steinberger announced the change after getting a polite but firm trademark nudge from Anthropic. “Clawd” sounding too much like “Claude,” apparently. They asked nicely, Peter complied quickly, and the project molted overnight.

But what happened next? Absolute chaos in the span of about 10 seconds. During the rushed rename, the old @clawdbot X handle and GitHub org got snatched by crypto scammers. Fake accounts popped up pumping meme coins like $CLAWD on Solana (one hit $16M market cap before crashing 90%). People started DMing Peter asking about “airdrops” and “investments,” and he had to publicly yell: “I was forced to rename by Anthropic. Wasn’t my decision. Stop harassing me. No tokens ever.” GitHub briefly glitched his personal account too, but that’s resolved now. The new official spot is @moltbot on X, molt.bot domain, and github.com/moltbot/moltbot.

This whole saga unfolded in under 72 hours and it’s a perfect microcosm of 2026’s AI agent boom: insane hype + open-source speed + big-tech legal muscle + crypto vultures circling = recipe for viral disaster.

Why the Rebrand Hit So Hard (And Why It Matters)

Anthropic’s trademark ask was predictable. Clawdbot was literally built around Claude (Peter recommends Opus 4.5 as the brain), and the mascot “Clawd” was a direct nod to Claude’s reload monster. Playful at first, but when the repo blew past 40k+ stars （Currently over 80k+） and people started buying Mac Minis just to run dedicated instances, it crossed into “potential confusion” territory. Trademarks in AI are getting enforced earlier and harder—remember Craiyon ditching DALL·E Mini vibes?

Peter handled it gracefully on the project account: “Molt fits perfectly—it’s what lobsters do to grow.” But on his personal feed, he was more blunt: forced rename, messed-up migration, crypto shills everywhere. Community reaction split—some tagged Dario Amodei with “Do you hate success?”, others shrugged “trademarks gonna trademark.”

The real gut punch? Security exposure amplified overnight. Even before this, threads were warning about exposed Clawdbot/Moltbot control panels leaking API keys, Telegram tokens, and chat histories. Hundreds of instances were internet-facing without proper auth. Now add hijacked socials pushing scams, and suddenly everyone’s asking: if a seasoned founder like Peter (ex-PSPDFKit, sold big) can have his accounts yoinked in seconds, what chance does the average tinkerer have?

Updated Risk Levels (Because This Changes Things)

From my own setup and watching the fallout:

Level High (Now Critical): Anything involving email/calendar/GitHub/Slack access. Prompt injection + hijacked branding = could lead to real damage (deleted repos, phishing emails sent from your accounts). Isolate everything—use dedicated VMs or containers, never expose publicly without Cloudflare Tunnel + strict auth.
Level Medium-High: Browser/terminal control. Scammers already proved social engineering works fast. Sandbox harder.
Level Medium: Just read-only notifications/morning briefs. Still useful, lower risk—but if your instance leaks keys, attackers could pivot.
** Don’t do these (Updated)**:
- Expose your Moltbot dashboard to the internet without hardening (use moltbot doctor religiously).
- Click links or buy tokens from any “Clawd/Molt” account that isn’t verified @moltbot or @steipete.
- Run on your daily driver machine without full isolation—Peter calls it “spicy” for a reason.
- Ignore pairing/approval flows; that’s your last line of defense.

My Setup Update: Still Running, But More Paranoid

Mine survived the rename fine—updated the repo refs, reran onboarding wizard, all good. Morning brief came in as usual: weather, calendar, top emails, even pulled some trending X topics. But I tightened everything: moved to a dedicated Linux VM, limited channels to Telegram only (no email yet), and enabled the new “doctor” checks. No more “set it and forget it” vibes.

The fail from last time (calendar loop) is fixed in recent commits, but now I’m double-checking every skill install from ClawdHub (now MoltHub? Community still calls it ClawdHub lol).

Bottom Line: Jump In, But Eyes Wide Open

Moltbot is still the same beast: proactive, local-first, agentic AI that actually does stuff. The core didn’t change—code, features, community momentum all intact. If anything, this drama proves how real the demand is: people are this invested.

But 2026 is teaching us fast: viral open-source agents are powerful, privacy-preserving alternatives to rented clouds… and incredibly fragile when hype hits legal/crypto reality. Peter’s project might be the canary in the coal mine for self-hosted agents scaling safely.

If you’re technical and privacy-obsessed, try it—start tiny, sandbox like your life depends on it.

Link in bio:

Have you updated to Moltbot yet? Got hit by any scam DMs? Seen weirder agent drama? Drop below—I’m tracking this line closely, next post might dive into practical hardening guides or compare to other agents popping up. Stay safe out there. 🦞