The full story behind ClawdBot's rebrand, the crypto scam that followed, and what security risks remain in 2026.
If you've been following AI news in early 2026, you've likely heard of MoltBot - or maybe you know it by its original name, ClawdBot. Same software, new identity, and one of the most chaotic rebrands in open-source history.
In this guide, we'll cover what MoltBot is, why the name changed, the crypto scam that exploited the transition, and the security vulnerabilities that remain a concern for users.
MoltBot is an open-source personal AI assistant that runs locally on your computer. Created by Peter Steinberger, the Austrian developer behind PSPDFKit, it's designed to be "Claude with hands" - an AI that can actually execute tasks, not just chat.
The project's new tagline: "Your own personal AI assistant. Any OS. Any Platform. The lobster way." The lobster theme persists from ClawdBot, with "Molt" referring to how lobsters shed their shells to grow - fitting given the forced rebrand.
On January 27, 2026, Anthropic - the company behind Claude AI - issued a trademark request to the ClawdBot creator. Their concern? The name "Clawd" was too similar to their AI model "Claude."
Anthropic's legal team reached out citing trademark concerns. Despite ClawdBot using Anthropic's Claude API legitimately, the name similarity prompted action.
Rather than fight it, Steinberger chose to rebrand. He selected "Molt" because it's what lobsters do to grow - shedding their old shell for a new one.
During the simultaneous GitHub and X/Twitter handle rename, Steinberger's timing was off. In just 10 seconds, crypto scammers snatched the old accounts and began pumping scam tokens.
Many developers questioned Anthropic's decision to target a project actively driving Claude API usage. Critics viewed the trademark dispute as disproportionate given ClawdBot's legitimate status and the massive developer goodwill it generated for Anthropic's ecosystem.
MoltBot retains all the features that made ClawdBot viral. Here's what it offers:
WhatsApp, Telegram, Slack, Discord, Signal, iMessage, Teams, Matrix, and more.
Route different channels/accounts to isolated agents for better organization.
Always-on speech recognition for macOS/iOS/Android with ElevenLabs integration.
Agent-driven visual workspace for complex task visualization.
Schedule recurring tasks like email checks, social media monitoring, and briefings.
Google Workspace, Twitter/X, Spotify, Obsidian, Home Assistant, and more.
The rebrand didn't fix the underlying security issues that researchers had already identified. Here's what remains concerning:
Hundreds of internet-facing administrative dashboards are publicly accessible, allowing unauthorized users to view configuration data and retrieve API keys without authentication.
Security researchers found exposed instances containing Anthropic API keys, Telegram bot tokens, Slack OAuth credentials, and months of conversation histories.
Some exposed instances permitted unauthenticated command execution on host systems, occasionally with elevated privileges - a severe remote code execution risk.
The vulnerability stems from authentication bypass when the gateway is operated behind an improperly configured reverse proxy, treating internet connections as local.
"Localhost trust assumptions and reverse proxy setups caused some internet connections to be treated as local - and therefore automatically approved."
The ClawdBot-to-MoltBot transition became a case study in how quickly bad actors can exploit moments of chaos.
Steinberger begins renaming accounts from ClawdBot to MoltBot
Crypto scammers snatch the released @ClawdBot handles
Fake $CLAWD token launches on Solana
Token reaches $16 million market cap
Token crashes 90%+, leaving victims with losses
"I messed up the rename and my old name was snatched in 10 seconds... I will never do a coin. Any project that lists me as coin owner is a SCAM."
- Peter Steinberger (@steipete), via DEV Community
While MoltBot is free and open-source, the API costs can be shocking. Here's what real users report:
Average daily API cost for active users
Reported spend in 2 days for basic tasks
| Cost Factor | MoltBot | Dooza |
|---|---|---|
| Software Cost | Free | $29/month all-inclusive |
| API Costs | $100-300+/day | Included |
| Setup Time | Hours to days | 5 minutes |
| Maintenance | You manage everything | Fully managed |
| Predictable Monthly Cost | No - highly variable | Yes - fixed pricing |
Without proper setup, your credentials, API keys, and private conversations may be exposed to the public internet.
The AI chooses which model to use for tasks. It often defaults to expensive options like Claude Opus, burning through hundreds of dollars daily.
MoltBot has full access to your computer - files, shell commands, browser. A misconfigured or compromised instance could cause serious damage.
As an open-source project, you're on your own. When crashes happen (which users report regularly), you need technical skills to debug.
Malicious content in emails or websites can manipulate the AI to take harmful actions or exfiltrate your data.
MoltBot represents an ambitious vision of what AI assistants could become - but it's not ready for mainstream business use. The combination of security vulnerabilities, extreme costs, and required technical expertise makes it a risky choice for most users.
If you're a developer who wants to experiment with agentic AI and has the skills to secure your deployment, MoltBot is a fascinating project worth exploring. But if you're a business owner looking for practical AI automation, there are safer alternatives.
Dooza offers pre-built AI employees with enterprise-grade security, predictable pricing, and zero setup required.
MoltBot is the rebranded version of ClawdBot, an open-source personal AI assistant. The name changed on January 27, 2026 after Anthropic issued a trademark request due to the similarity between 'Clawd' and 'Claude'. The software functionality remains identical.
Anthropic, the company behind Claude AI, sent a trademark request to the ClawdBot creator citing the name's similarity to 'Claude'. The new name 'Molt' references what lobsters do to grow - shedding their old shell, fitting with the project's lobster theme.
Yes, MoltBot is functionally identical to ClawdBot. It's the same open-source code, same features, same creator (Peter Steinberger) - just with a new name and updated branding. The agent name changed from 'Clawd' to 'Molty'.
During the 10-second window when accounts were being renamed, crypto scammers hijacked the old ClawdBot social media accounts. They promoted a fake $CLAWD token that reached $16 million market cap before crashing, leaving many investors with losses.
MoltBot has the same security concerns as ClawdBot. Security researchers found over 1,000 exposed control panels, credential leaks, and prompt injection vulnerabilities. It requires significant technical expertise to deploy securely.
MoltBot itself is free and open-source, but it requires API access to AI models. Users report spending $100-300+ per day in API costs, as the AI tends to choose expensive models for tasks. This makes it costly for regular business use.
ClawdBot is the open-source AI assistant taking over Silicon Valley. Learn what it does, how it works, and the security risks you need to know before using it for business.
Confused by the jargon? We break down the differences between Generative AI, AI Agents, and Agentic AI in simple terms.
Join thousands of companies using Workforce to automate their work. Get started for free today.
No credit card required · 14-day free trial · Cancel anytime