-= Per source details. Do not edit below this line.=-
Package targets Bittensor (BIP-39) wallet holders. On import, defaults.env loads a hardcoded TELEGRAMBOTTOKEN (8666228137) and TELEGRAMCHATID (8766781014) into the process environment; PACKAGEOVERRIDEKEYS prevents users from overriding these via their own.env. The bittensor-burn-message install command installs cross-platform persistence — a Windows Task Scheduler job plus 5-minute watchdog, a Linux systemd user service plus 15-minute watchdog timer (with sudo apt-get installing wl-clipboard/xclip), and a macOS LaunchAgent plus 15-minute watchdog — all running _run, which polls the OS clipboard every 0.5s. Clipboard contents matching exactly 12 or 24 whitespace-separated words (BIP-39 mnemonic lengths) are deduplicated by fingerprint and POSTed to https://api.telegram.org/bot<token>/sendMessage at the hardcoded chat. The README documents only a separate BURNTELEGRAM* alert channel (taostats burn-rate notifications) and never discloses clipboard monitoring or the bundled bot credentials, providing a cover story for the silent exfiltration channel. defaults.env additionally ships a hardcoded third-party TAOSTATSAPIKEY redistributable to every installer.
The package contains code to steal clipboard content to a predefined remote location. If run in the right way, the code will periodically check the clipboard and if the content matches the pattern, exfiltrates it. The targeted data are likely cryptocurrency secret seed phrases.
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: 2026-06-clip-logger
Reasons (based on the campaign):
clipboard-stealing
crypto-related
{
"malicious-packages-origins": [
{
"versions": [
"1.0.1"
],
"sha256": "9f944487719b66d8096157672796e641c5d1417d5ab6f9ec40c22da781727c1b",
"modified_time": "2026-06-11T23:08:40.186102Z",
"source": "kam193",
"import_time": "2026-06-12T00:03:17.891782138Z",
"id": "pypi/2026-06-clip-logger/bittensor-burn-message"
},
{
"versions": [
"1.0.1"
],
"sha256": "f574e414f35843b11dbb52cd921ce2f2e57f6292845d4770256bea17b41d86e8",
"modified_time": "2026-06-12T19:07:18Z",
"source": "amazon-inspector",
"import_time": "2026-06-12T19:43:57.968922556Z",
"id": "IN-MAL-2026-006010"
}
]
}{
"package_integrity": [
{
"filename": "bittensor_burn_message-1.0.1.tar.gz",
"hashes": {
"sha256": "2bc371ab68a1a9e9653109762693b51765fead6a4722dc833fe58517ee587046",
"md5": "6f918c3b2834af8493ecdefe96b67dc6",
"blake2b_256": "e73ee1b2b3879de8ae244d988551cb07857b905e7d8b96ab38a83a710c6be904"
}
}
],
"evidence_files": [
{
"sha256": "9d765d7c1621562a0c7710d0b6db8cc3e4544ed25cd58b296eb937803355d905",
"path": "bittensor_burn_message/defaults.env",
"tlsh": "cdd02b12466cfb52ad025d11601aa25d50dd551fbf12c2d0a35b42c7b4514e646fe3a9"
},
{
"sha256": "108b1b1689581d382e10625dd4c3980f2e6d2cb7e60e4376e63f347e5668041c",
"path": "bittensor_burn_message/core.pyx",
"tlsh": "c563d609ea292c37d7a7c63d8e47d102621abc970e147434bddca6682f8917ac1f57ec"
}
]
}
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/bittensor-burn-message/MAL-2026-5680.json"
[
{
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code",
"cweId": "CWE-506"
}
]