Jacques Andre

Software Engineering Student

crypto-yank

Posted at — Mar 1, 2021

Introduction:

Since getting interested in crypto-currencies I have always wanted to create a project that involved them. crypto-yank is that project.

I started the project 8 months ago after I had read about the library pyperclip. My code was decent although a little bloated. I’ve since revisited the project and re factored the code.

How it all works:

pyperclip & regex are the main factors at play. The program first analyzes the clipboard using pyperclip.paste() and then tries to find a match between the users clipboard and a valid regex address string. If a match is found, the specified replacement address in the addresses.json file will be swapped with the users clipboard. Although if no addresses are found in the clipboard, the program will remain dormant until the next valid match.

An attacker could easily run this script on a target computer or compile it with Nuitka.

Demo:

crypto-yank demo crypto-yank is replacing the clipboard any time an address is copied.

Preventing this attack:

This project has shown that you should always verify the address you are sending to. Make sure to check the first,middle and last few characters.

*I take no responsibility on how you decide to use crypto-yank. The project is a proof of concept.

Github page