Various Malware Lurks in Discord App to Target Gamers

2021-02-11 15:03

Discord group-chatting platform originally built for gamers and has evolved to become a virtual watering hole for socializing.

While planting malware in Discord is not a new activity, researchers discovered a number of novel campaigns using various known malware to lure gamers from within the platform.

Malware found being planted recently in Discord includes not only Epsilon ransomware, but also the XMRig miner and three types of stealers-Redline Stealer, TroubleGrabber and a broad category of unidentified Discord token grabbers, according to ThreatLabZ. The new Discord attacks observed by researchers usually start with spam emails in which users are tricked with legitimate-looking templates into downloading next-stage payloads.

Researchers investigated the attack vectors of the different types of malware detected in the latest Discord campaigns, which each have their own methods.

The other grabbers observed by researchers use Discord tokens to steal user information, a type of malicious activity that researchers at Sonatype also observed targeting Discord last month using the CursedGrabber malware.

Discord tokens are used inside bot code to send commands back and forth to the Discord API, which in turn controls bot actions.

News URL

https://threatpost.com/various-malware-lurking-in-discord-app-to-target-gamers/163867/

#malware