MAL-2026-4290
See a problem?- Import Source
- https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/clipboard-guardian/MAL-2026-4290.json
- JSON Data
- https://api.osv.dev/v1/vulns/MAL-2026-4290
- Published
- 2026-05-24T18:38:12Z
- Modified
- 2026-05-26T06:02:12.066466274Z
- Summary
- Malicious code in clipboard-guardian (npm)
- Details
-
-= Per source details. Do not edit below this line.=-
Source: amazon-inspector (6cf1e5328821dbb36e54a2d796ad934ebe79257f8927e2ba741016c4a0f2c79d)
This package is a cryptocurrency clipper masquerading as a clipboard-protection tool. Its postinstall script (npm-install.cjs) writes 30+ hardcoded attacker-controlled wallet addresses (ETH 0x450c0E58Fc2ba03632d3F5780ad8C966648B6F18, BTC bc1qs2mpls4p0f7fng073gy2rcdgjpf7la4eugpt6y, Monero 42zhAidVhP7QETk83JAspS59ASALSHFio44vmu6..., and addresses for ~30 other chains) into the package's config.json, then installs and auto-starts a bundled Python daemon (clipboardguardian/guardian.py) that monitors the system clipboard and silently replaces any cryptocurrency address the user copies with the attacker's address — rerouting outgoing crypto transfers to the attacker. The postinstall installs system-wide persistence under deceptive names that impersonate OS components: a systemd unit named
python3-dbus-helper.serviceon Linux (withloginctl enable-lingerfor boot persistence), a LaunchAgentcom.apple.python.runtime.pliston macOS, and a Task Scheduler entryPyRuntimeBrokeron Windows. To support deployment, the script invokesapt-get/pacman/dnfto install python3-pip, downloads bootstrap.pypa.io/get-pip.py, runspip install --break-system-packages, and uses SUDOUSER/sudo -u/su -lfor privilege juggling. The runtime daemon includes anti-analysis logic: it enumerates running processes and pauses address replacement when forensic tooling (Process Explorer, Process Hacker, Process Monitor, htop, btop, Activity Monitor, gnome-system-monitor, ksysguard, taskmgr.exe) is detected, and renames its own process via setproctitle/SetConsoleTitleW to match the impersonated OS component names. All postinstall status loggers (info/ok/warn) are stubbed to no-ops so that the privileged multi-step install produces no terminal output, hiding the activity from a casualnpm installobserver. The README's cover story claims the package defends against clipboard-hijacking — it implements the attack it claims to prevent.Source: ossf-package-analysis (594054a5de1b58c5ed2cdd11d2a561b1733798ed39ef0268b80a926a8007e1c3)
The OpenSSF Package Analysis project identified 'clipboard-guardian' @ 1.0.0 (npm) as malicious.
It is considered malicious because:
- The package executes one or more commands associated with malicious behavior.
- Database specific
{ "malicious-packages-origins": [ { "import_time": "2026-05-24T21:49:24.4733663Z", "sha256": "594054a5de1b58c5ed2cdd11d2a561b1733798ed39ef0268b80a926a8007e1c3", "source": "ossf-package-analysis", "modified_time": "2026-05-24T19:22:33Z", "versions": [ "1.0.0" ] }, { "import_time": "2026-05-24T21:49:24.716073482Z", "sha256": "90983188b7d0104d9777629e73c00d1c7fdb923629204e6e97ef7f2a8b3e55c4", "source": "ossf-package-analysis", "modified_time": "2026-05-24T19:27:24Z", "versions": [ "1.0.1" ] }, { "versions": [ "1.0.2" ], "sha256": "9c2987a4f9d3ec9ca38e2273bbd3f2627bcdb6ce8eeac1bee597179dc4580f62", "source": "ossf-package-analysis", "modified_time": "2026-05-24T20:07:32Z", "import_time": "2026-05-24T21:49:24.997532419Z" }, { "id": "IN-MAL-2026-004542", "versions": [ "1.0.2" ], "sha256": "11c3b919479d4cd54c419070c49749230c3c74ef81321ba62a4e8c95e1699281", "source": "amazon-inspector", "modified_time": "2026-05-24T20:03:58Z", "import_time": "2026-05-26T05:52:48.384586232Z" }, { "id": "IN-MAL-2026-004543", "versions": [ "1.0.2" ], "sha256": "605112731a21e3e866efce7b5ba25eece166f71ecaff4ef0dac557602fba8cd1", "source": "amazon-inspector", "modified_time": "2026-05-24T20:03:59Z", "import_time": "2026-05-26T05:52:48.481861691Z" }, { "id": "IN-MAL-2026-004524", "versions": [ "1.0.0" ], "sha256": "6cf1e5328821dbb36e54a2d796ad934ebe79257f8927e2ba741016c4a0f2c79d", "source": "amazon-inspector", "modified_time": "2026-05-24T18:38:12Z", "import_time": "2026-05-26T05:52:46.445131525Z" }, { "id": "IN-MAL-2026-004545", "versions": [ "1.0.3" ], "sha256": "9e7aed639547e041cacae70c94ac40cf52f9c50f5f5df4a096cef475e883c686", "source": "amazon-inspector", "modified_time": "2026-05-24T20:04:03Z", "import_time": "2026-05-26T05:52:48.69498734Z" }, { "id": "IN-MAL-2026-004536", "versions": [ "1.0.1" ], "sha256": "c8b109f53204f480cbab8577c5f2b1d76c65afb621014830df2a815f6dfb96f3", "source": "amazon-inspector", "modified_time": "2026-05-24T19:22:52Z", "import_time": "2026-05-26T05:52:47.755408093Z" }, { "id": "IN-MAL-2026-004525", "import_time": "2026-05-26T05:52:46.538588391Z", "sha256": "d1e883d9ebf87558dc0aba8446e810464a859fe32e3c528c609162956483f423", "source": "amazon-inspector", "modified_time": "2026-05-24T18:38:12Z", "versions": [ "1.0.0" ] }, { "id": "IN-MAL-2026-004537", "import_time": "2026-05-26T05:52:47.866031383Z", "sha256": "0001eebc50a7847126e2aa6b7af9d3f0db1d4b7c274c71ee7b1b09cd799bb6c5", "source": "amazon-inspector", "modified_time": "2026-05-24T19:22:52Z", "versions": [ "1.0.1" ] }, { "id": "IN-MAL-2026-004544", "versions": [ "1.0.3" ], "sha256": "08727f82aee199574c1c75736485c585029c7ca5e99f1cda6d155a01929a5808", "source": "amazon-inspector", "modified_time": "2026-05-24T20:04:03Z", "import_time": "2026-05-26T05:52:48.579426711Z" } ] }- References
- Credits
-
-
- Amazon Inspector - FINDER
-
- OpenSSF: Package Analysis - FINDER
-
Affected packages
npm / clipboard-guardian
Package
- Name
- clipboard-guardian
- View open source insights on deps.dev
- Purl
- pkg:npm/clipboard-guardian
Database specific
cwes
[
{
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code",
"cweId": "CWE-506"
},
{
"cweId": "CWE-506",
"name": "Embedded Malicious Code",
"description": "The product contains code that appears to be malicious in nature."
},
{
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code",
"cweId": "CWE-506"
},
{
"cweId": "CWE-506",
"name": "Embedded Malicious Code",
"description": "The product contains code that appears to be malicious in nature."
}
]
indicators
{
"evidence_files": [
{
"path": "clipboard_guardian/guardian.py",
"sha256": "ac5aca37664b0a0081f13279fc31e58bfd359b7a7564697c362bac590ea2c8fd",
"tlsh": "95627404e969dc2283c2645a0c92c4a276b46fa76d14646c7fbec13c8f5e13fb0f926d"
},
{
"path": "package.json",
"sha256": "e8ed9aa3bb71b98ddf906eb0e7664eacc93c1e1d5a75835ee61ca1f392fa648b",
"tlsh": "c4f08b06c5341f2fb1c8a68d1edb6509b4280d8baa143d2daa83584c0bad53504bf7f9"
},
{
"path": "npm-install.cjs",
"sha256": "e58f6237705a40295bd3ed2a09ef9da7858d4101e3d987c1fbc596aa1c14b04e",
"tlsh": "4642189692b1667c99f3a66ea687502b01198d1f3501f89cf5ae90dc0f0f139837b73e"
}
],
"package_integrity": [
{
"filename": "clipboard-guardian-1.0.2.tgz",
"hashes": {
"sha512_sri": "sha512-ejWz695joojg8jpOBrwmYsLPku0mUg0scYnOoJD/C1afo2IMhgmx+bkVVqjKPsyUK9oihX+ekaDTR4qen27HZg==",
"sha1": "6c75473cf57c2307747e138697133f75ed8a7c96"
}
}
],
"domains": [
"bootstrap.pypa.io"
]
}
source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/clipboard-guardian/MAL-2026-4290.json"