Hackers using Discord bots to steal information

Experts are cautioning that hackers are employing Discord to snatch data gathered from compromised computers. In a recent report, cybersecurity researcher Gurumoorthi Ramanathan from Trellix outlined the malware and the techniques it utilized for data exfiltration.

As per the report, the bad actors developed an advanced infostealer dubbed NS-STEALER. They’re circulating it through ZIP archives posing as cracked software. Once a victim unpacks the archive, they’ll come across a Windows shortcut named “Loader GAYve.” If triggered, it sets off a malicious Java program. This program has a dual purpose: firstly, it forms a folder labeled “NS-<11-digit_random_number>” to stash all the gathered information. Secondly, it initiates the data-grabbing process.

NS-STEALER goes on the hunt for info stored in over two dozen browsers—cookies, credentials, and autofill data. After that, it goes into action, capturing screenshots of the compromised device, snagging system details, and compiling a list of installed programs. It doesn’t stop there; it also grabs Discord tokens, along with session data for Steam and Telegram.

In the grand finale, it sends all this loot to a Discord Bot channel.

“Considering the highly sophisticated function of gathering sensitive information and using X509Certificate for supporting authentication, this malware can quickly steal information from the victim systems with [Java Runtime Environment],” Ramanathan said. “The Discord bot channel as an EventListener for receiving exfiltrated data is also cost-effective.”
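A hunting sketch for the behaviour described above, added here as an example and not taken from the Trellix report: it flags Java processes that create a folder named NS- plus 11 digits and that also connect to Discord. The event field names, the sample paths and the Discord hostnames are assumptions.

```python
import re
from collections import defaultdict

# Staging folder name described in the article: "NS-" followed by 11 digits.
STAGING_DIR = re.compile(r"(?:^|[\\/])NS-\d{11}(?:[\\/]|$)")
JAVA_IMAGES = {"java.exe", "javaw.exe"}
# Assumption: Discord bot traffic is sent to Discord's public hostnames.
DISCORD_HOSTS = ("discord.com", "discordapp.com")

def _image_name(path):
    return re.split(r"[\\/]", path)[-1].lower()

def _is_discord(host):
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in DISCORD_HOSTS)

def hunt(events):
    """Return {(host, pid): sorted signals} for Java processes showing the behaviour."""
    signals = defaultdict(set)
    for ev in events:
        if _image_name(ev["image"]) not in JAVA_IMAGES:
            continue  # the stealer runs as a Java program, so other images are skipped
        key = (ev["host"], ev["pid"])
        if ev["type"] == "file_create" and STAGING_DIR.search(ev["target"]):
            signals[key].add("staging_dir")
        elif ev["type"] == "net_connect" and _is_discord(ev["target"]):
            signals[key].add("discord_egress")
    return {k: sorted(v) for k, v in signals.items()}

def high_confidence(findings):
    """Processes that both staged data and contacted Discord."""
    return sorted(k for k, v in findings.items() if len(v) == 2)

# Constructed sample events (hypothetical schema and paths, not from the report).
SAMPLE = [
    {"host": "ws01", "pid": 4120, "image": r"C:\Program Files\Java\bin\javaw.exe",
     "type": "file_create", "target": r"C:\Users\a\AppData\Local\Temp\NS-48201937465\cookies.txt"},
    {"host": "ws01", "pid": 4120, "image": r"C:\Program Files\Java\bin\javaw.exe",
     "type": "net_connect", "target": "discord.com"},
    {"host": "ws02", "pid": 900, "image": r"C:\Program Files\Java\bin\java.exe",
     "type": "file_create", "target": r"C:\build\NS-1234\out.jar"},   # too few digits
    {"host": "ws03", "pid": 77, "image": r"C:\Users\b\AppData\Local\Discord\Discord.exe",
     "type": "net_connect", "target": "gateway.discord.gg"},          # not a Java process
    {"host": "ws04", "pid": 310, "image": r"C:\Program Files\Java\bin\javaw.exe",
     "type": "net_connect", "target": "notdiscord.com"},              # lookalike domain
]

if __name__ == "__main__":
    print(high_confidence(hunt(SAMPLE)))
```

Either signal alone is weak; a Java process showing both on the same host is the combination worth triaging first.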

It’s not the first rodeo for hackers exploiting Discord for their shady schemes. In fact, Discord has been a playground for misuse for quite some time. In 2020, researchers from MalwareHunterTeam stumbled upon a remote access trojan (RAT) that employed Discord as a command and control (C2) server.

That same year, researchers caught wind of a variant of the AnarchyGrabber trojan doing its dirty work: snatching plain text passwords from victims and even instructing an infected client to spread malware to their Discord buddies.

Rohan Sharma