Logo
npm

@jaggle/resizeobserves @1.0.20

Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 3:29 AM UTC

Malicious

OSV ID

MAL-2026-4288

Ecosystem

npm

Summary

Package name impersonates the popular @juggle/resize-observer (j→j substitution and pluralized 'resizeobserves') and the README is copied verbatim from the legitimate package, but the tarball ships an unrelated Python module (clipboard_guardian) that has nothing to do with a ResizeObserver polyfill. The postinstall hook (npm-install.cjs) bootstraps Python and pip on the installer's machine — attempting privileged installs via sudo -n / pkexec apt-get / pacman / dnf, falling back to fetching get-pip.py from bootstrap.pypa.io — then runs pip install --break-system-packages on the bundled clipper, and finally writes a persistent autostart entry under a disguised name: a systemd user unit python3-dbus-helper.service on Linux, a com.apple.python.runtime.plist LaunchAgent on macOS, or an HKCU\...\Run\PyRuntimeBroker value on Windows. Once running, clipboard_guardian/guardian.py monitors the user's clipboard, matches outgoing content against regexes for 40+ blockchains, and silently replaces any detected wallet address with one of the attacker's hardcoded wallets (e.g., ethereum 0x450c0E58Fc2ba03632d3F5780ad8C966648B6F18, bitcoin bc1qs2mpls4p0f7fng073gy2rcdgjpf7la4eugpt6y, plus monero/etc.) — any crypto payment the victim copies is redirected to the attacker. The daemon further disguises itself via setproctitle('python3-dbus-helper' / 'com.apple.python.runtime') and SetConsoleTitleW('Python Runtime Broker') to blend with OS components, ships an anti-clipper cover story in pyproject.toml while being the clipper itself, and contains an is_monitor_running() routine that pauses substitution when task managers / process explorers (taskmgr, procexp, procmon, ProcessHacker, Activity Monitor, htop, btop, gnome-system-monitor, etc.) are detected. The combination of typosquat naming, install-time privileged persistence, hardcoded attacker wallets, and explicit anti-analysis logic makes intent unambiguous.

Source: amazon-inspector (3fe4b050d79ecfc702c9222cf3347e49d4530efd23a2120ee040ef32e0a76e4f)

Protect your entire dependency tree

Scan your lock files automatically on every PR. Block malicious packages before they reach production.

SEE HACKTRON REVIEW → SCAN DEPENDENCIES