Welcome to the IKCEST
English
English 中文 русск français español العربية

Language

We detect your regional language is French. Do you want to change site's language to French? You may choose other languages.

International

English
中文
русск
français
español
العربية
No Change
Old Version Old Version
Mobile
Scan this QR code on your phone to browse IKCEST
Sign up Notification
LV1 10/100
User Center
My Training Class
Feedback
 Logout
Become author
ALL
ALL Expert Article Patent Conference Article Book Organization
Multilingual Search
Advanced Search
Hot Search:

Hackers have turned Discord into an account stealer - here's what you need to know
Jun 22, 2020

Source: https://www.techradar.com/news/hackers-have-turned-discord-into-an-account-stealer-heres-what-you-need-to-know

It takes around min to read this article.

(Image credit: Shutterstock / Konstantin Savusia)

Researchers have uncovered a new malware campaign that turns popular gaming chat service Discord into a dangerous account stealer.

Discovered by MalwareHunterTeam, the NitroHack malware masquerades as a software crack that gives users free access to Discord Nitro, the service’s premium subscription tier.

However, upon installation, the malware modifies the Discord client for Windows, turning it into a trojan capable of stealing account credentials and financial information, and then attempts to transmit itself to the victim’s friends and communities.

The malware also reportedly affects users of the Discord web client.

Discord hacked

Discord actively encourages its users to code in new functionality to enhance their experience with the client. JavaScript-coded ‘Discord Bots’ range from the extremely useful (e.g. the ability to accept donations on behalf of a community) to the beautifully trivial (e.g. enhanced meme-sharing).

However, this level of openness also means the client is susceptible to modification attacks. The NitroHack malware tweaks a piece of JavaScript code stored locally on the victim’s computer, and also attempts to introduce malicious code to the same file in alpha and public test builds of the client.

The malware is also persistent, prompting Discord to deliver the victim’s login credentials to the hacker each time the client is booted up, and transmits itself to a victim’s friends via direct message.

In a bid to steal credit card information, meanwhile, the malware hunts for saved payment details attached to the infected user’s account.

NitroHack is also able to evade security software, which might recognize and address the malicious executable file, but is unlikely to register the modification of the Discord client.

Users can check whether their client has been compromised by opening %AppData%\\Discord\0.0.306\modules\discord_voice\index.js using Notepad or a similar software. If unmodified, the file should end with “module.exports = VoiceEngine;”.

Via Bleeping Computer

See more Computing news

Original Text (This is the original text for your reference.)

(Image credit: Shutterstock / Konstantin Savusia)

Researchers have uncovered a new malware campaign that turns popular gaming chat service Discord into a dangerous account stealer.

Discovered by MalwareHunterTeam, the NitroHack malware masquerades as a software crack that gives users free access to Discord Nitro, the service’s premium subscription tier.

However, upon installation, the malware modifies the Discord client for Windows, turning it into a trojan capable of stealing account credentials and financial information, and then attempts to transmit itself to the victim’s friends and communities.

The malware also reportedly affects users of the Discord web client.

Discord hacked

Discord actively encourages its users to code in new functionality to enhance their experience with the client. JavaScript-coded ‘Discord Bots’ range from the extremely useful (e.g. the ability to accept donations on behalf of a community) to the beautifully trivial (e.g. enhanced meme-sharing).

However, this level of openness also means the client is susceptible to modification attacks. The NitroHack malware tweaks a piece of JavaScript code stored locally on the victim’s computer, and also attempts to introduce malicious code to the same file in alpha and public test builds of the client.

The malware is also persistent, prompting Discord to deliver the victim’s login credentials to the hacker each time the client is booted up, and transmits itself to a victim’s friends via direct message.

In a bid to steal credit card information, meanwhile, the malware hunts for saved payment details attached to the infected user’s account.

NitroHack is also able to evade security software, which might recognize and address the malicious executable file, but is unlikely to register the modification of the Discord client.

Users can check whether their client has been compromised by opening %AppData%\\Discord\0.0.306\modules\discord_voice\index.js using Notepad or a similar software. If unmodified, the file should end with “module.exports = VoiceEngine;”.

Via Bleeping Computer

See more Computing news
Comments

    Something to say?

    Log in or Sign up for free

    Disclaimer: The translated content is provided by third-party translation service providers, and IKCEST shall not assume any responsibility for the accuracy and legality of the content.
    Translate engine
    Article's language
    English
    中文
    Pусск
    Français
    Español
    العربية
    Português
    Kikongo
    Dutch
    kiswahili
    هَوُسَ
    IsiZulu
    Action
    Report Collection
    Share
    Related

    Report

    Select your report category*



    Reason*



    By pressing send, your feedback will be used to improve IKCEST. Your privacy will be protected.

    Submit
    Cancel
    ICP备案号:京ICP备14021735号-1    © 2008 - 2023 IKCEST All rights reserved | Sitemap | Contact | About IKCEST

    New sign-in location:     

    Last sign-in location:     

    Last sign-in date: