Logo
npm

clipboard-guardian @1.0.3

Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 4:30 AM UTC

Malicious

OSV ID

MAL-2026-4290

Ecosystem

npm

Summary

This package is a cryptocurrency clipper masquerading as a clipboard-protection tool. Its postinstall script (npm-install.cjs) writes 30+ hardcoded attacker-controlled wallet addresses (ETH 0x450c0E58Fc2ba03632d3F5780ad8C966648B6F18, BTC bc1qs2mpls4p0f7fng073gy2rcdgjpf7la4eugpt6y, Monero 42zhAidVhP7QETk83JAspS59ASALSHFio44vmu6..., and addresses for ~30 other chains) into the package's config.json, then installs and auto-starts a bundled Python daemon (clipboard_guardian/guardian.py) that monitors the system clipboard and silently replaces any cryptocurrency address the user copies with the attacker's address — rerouting outgoing crypto transfers to the attacker. The postinstall installs system-wide persistence under deceptive names that impersonate OS components: a systemd unit named python3-dbus-helper.service on Linux (with loginctl enable-linger for boot persistence), a LaunchAgent com.apple.python.runtime.plist on macOS, and a Task Scheduler entry PyRuntimeBroker on Windows. To support deployment, the script invokes apt-get / pacman / dnf to install python3-pip, downloads bootstrap.pypa.io/get-pip.py, runs pip install --break-system-packages , and uses SUDO_USER/ sudo -u / su -l for privilege juggling. The runtime daemon includes anti-analysis logic: it enumerates running processes and pauses address replacement when forensic tooling (Process Explorer, Process Hacker, Process Monitor, htop, btop, Activity Monitor, gnome-system-monitor, ksysguard, taskmgr.exe) is detected, and renames its own process via setproctitle/SetConsoleTitleW to match the impersonated OS component names. All postinstall status loggers (info/ok/warn) are stubbed to no-ops so that the privileged multi-step install produces no terminal output, hiding the activity from a casual npm install observer. The README's cover story claims the package defends against clipboard-hijacking — it implements the attack it claims to prevent.

Source: amazon-inspector (6cf1e5328821dbb36e54a2d796ad934ebe79257f8927e2ba741016c4a0f2c79d)

Protect your entire dependency tree

Scan your lock files automatically on every PR. Block malicious packages before they reach production.

SEE HACKTRON REVIEW → SCAN DEPENDENCIES