4africa-Tech
  • Computer Software
  • News Technology
  • Robot Japan
  • Technologies Companies
  • Virtual Machine
  • About Us
    • Advertise Here
    • Contact Us
    • Privacy Policy
    • Sitemap
Select Page

Hackers have turned Discord into an account stealer – here’s what you need to know

Jun 22, 2020

Researchers have uncovered a new malware campaign that turns popular gaming chat service Discord into a dangerous account stealer.

Discovered by MalwareHunterTeam, the NitroHack malware masquerades as a software crack that gives users free access to Discord Nitro, the service’s premium subscription tier.

However, upon installation, the malware modifies the Discord client for Windows, turning it into a trojan capable of stealing account credentials and financial information, and then attempts to transmit itself to the victim’s friends and communities.

The malware also reportedly affects users of the Discord web client.

Discord hacked

Discord actively encourages its users to code in new functionality to enhance their experience with the client. JavaScript-coded ‘Discord Bots’ range from the extremely useful (e.g. the ability to accept donations on behalf of a community) to the beautifully trivial (e.g. enhanced meme-sharing).

However, this level of openness also means the client is susceptible to modification attacks. The NitroHack malware tweaks a piece of JavaScript code stored locally on the victim’s computer, and also attempts to introduce malicious code to the same file in alpha and public test builds of the client.

The malware is also persistent, prompting Discord to deliver the victim’s login credentials to the hacker each time the client is booted up, and transmits itself to a victim’s friends via direct message.

In a bid to steal credit card information, meanwhile, the malware hunts for saved payment details attached to the infected user’s account.

NitroHack is also able to evade security software, which might recognize and address the malicious executable file, but is unlikely to register the modification of the Discord client.

Users can check whether their client has been compromised by opening %AppData%Discord.0.306modulesdiscord_voiceindex.js using Notepad or a similar software. If unmodified, the file should end with “module.exports = VoiceEngine;”.

Via Bleeping Computer

Source Article

Recent Posts

  • Digital era Visual Communication Design
  • Effective WEBSITE POSITIONING Strategies To Grow Your Web site Traffic
  • The Chief In Website Creation
  • How Amazon India is Growing
  • Verizon Media Phrases Of Service

Archives

TL

Categories

  • Computer Software
  • News Technology
  • Robot Japan
  • Technologies Companies
  • Virtual Machine

  • Facebook
  • Twitter
  • Google
  • Instagram
  • RSS
computers4africa.org
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled

Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

Non-necessary

Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.