MALICIOUS (1) campaign cataloged at 2026-06-07(2).

1. The campaign has clearly malicious intent, like infostealers.
2. This is just the date of creating the catalog entry. It may not reflect the date of creation of the campaign itself.

2026-06-clip-logger

The package contains code to steal clipboard content to a predefined remote location. If run in the right way, the code will periodically check the clipboard and if the content matches the pattern, exfiltrates it. Early versions contain this behavior mentioned in the README. The targeted data are likely cryptocurrency secret phrases.

Abuse categories

clipboard_stealing

Campaign uses clipboard_stealing.

crypto-related

Malicious activity is related to cryptocurrencies or blockchain, e.g. stealing crypto wallets.

Packages in the campaign

campaign:2026-06-clip-logger

• bittensor-burn-watch
• clip-logger