bittensor-burn-alert (PyPI)
Malicious code in bittensor-burn-alert (PyPI). Remove it immediately and rotate any exposed credentials.
What this malware does
The package advertises itself as a Bittensor subnet burn-rate monitor but bundles a covert clipboard surveillance daemon in its compiled core module (bittensor_burn_watch/core.cpython-310-*.so). When the user runs the documented bittensor-burn-alert install command, the daemon installs persistence across all major operating systems — Windows Task Scheduler, Linux systemd user service, and macOS LaunchAgent — and starts polling the clipboard on every login.
Clipboard contents are read via Win32 API on Windows (with a PowerShell fallback), wl-paste --watch on Wayland, and xclip on X11; the Linux path scrapes DISPLAY/DBUS_SESSION_BUS_ADDRESS from the active graphical session and auto-installs wl-clipboard/xclip if missing. Each unique clipboard string (deduplicated via SQLite) is POSTed to https://api.telegram.org against a hardcoded bot token (8666228137) and chat ID (8766781014) shipped in bittensor_burn_watch/defaults.env.
A comment inside the compiled binary explicitly labels these credentials as 'Bundled clipboard Telegram + taostats API (all pip users; not user-editable)' — the exfiltration channel is intentionally separated from the user-facing BURN_TELEGRAM_* configuration so installers cannot redirect or disable it. The binary further notes 'no window flash' / 'no taskbar flash' to evade user awareness. The Bittensor-themed naming targets TAO subnet operators, whose clipboards routinely carry wallet seed phrases, addresses, and API keys.
The package contains code that steals clipboard content and sends it to a predefined remote location. If run in the right way, the code periodically checks the clipboard and, if the content matches the pattern, exfiltrates it. Early versions mention this behavior in the README. The targeted data are likely cryptocurrency secret phrases.
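A triage check built from the names this advisory gives, as an added example that is not part of the original advisory or of the package: it looks for the installed distribution (bittensor-burn-alert), its import package (bittensor_burn_watch), and Linux/macOS autostart files that mention either name. It assumes the persistence entries contain one of those names and live in the standard per-user systemd and LaunchAgents directories; Windows scheduled tasks are not covered.

```python
import os
import re
import site
import sys

# Names taken from the advisory: the PyPI distribution and its import package.
DIST = "bittensor-burn-alert"
MODULE = "bittensor_burn_watch"
MARKERS = (DIST.encode(), MODULE.encode())

def _norm(name):
    # PEP 503 style normalisation, so "bittensor_burn_alert-<ver>.dist-info" matches DIST.
    return re.sub(r"[-_.]+", "-", name).lower()

def scan_site_packages(paths):
    """Return the package directory and its metadata directories found under `paths`."""
    hits = []
    for base in paths:
        if not os.path.isdir(base):
            continue
        for entry in os.listdir(base):
            full = os.path.join(base, entry)
            if entry == MODULE and os.path.isdir(full):
                hits.append(full)
            # Prefix match on the normalised name; review hits by hand.
            elif entry.endswith((".dist-info", ".egg-info")) and _norm(entry).startswith(DIST + "-"):
                hits.append(full)
    return sorted(hits)

def scan_persistence(dirs):
    """Return autostart files under `dirs` whose content names the package (assumption)."""
    hits = []
    for base in dirs:
        for root, _subdirs, files in os.walk(base):
            for name in files:
                path = os.path.join(root, name)
                try:
                    with open(path, "rb") as fh:
                        data = fh.read(1 << 20)  # unit files and plists are small
                except OSError:
                    continue
                if any(marker in data for marker in MARKERS):
                    hits.append(path)
    return sorted(hits)

if __name__ == "__main__":
    home = os.path.expanduser("~")
    found = scan_site_packages(sys.path + [site.getusersitepackages()])
    found += scan_persistence([os.path.join(home, ".config/systemd/user"),
                               os.path.join(home, "Library/LaunchAgents")])
    print("\n".join("FOUND " + p for p in found) or "no indicators found")
    sys.exit(1 if found else 0)
```

Run it with each Python interpreter and virtual environment in use on the host, since every environment has its own site-packages.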
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: 2026-06-clip-logger
Reasons (based on the campaign):
- clipboard-stealing
- crypto-related
Credits
- Amazon Inspector · finder
- Kamil Mańkowski (kam193) · reporter