Gamers Beware: Hackers are using malware to steal your passwords on the popular gaming communication app Discord password and attack your friends
Users of popular gaming communication app Discord have recently come under attack from hackers. A popular trojan malware known as AnarchyGrabber has recently undergone an update that has given it the capability of not only stealing passwords from Discord users but also a variety of new threats.
In addition to stealing passwords, AnarchyGrabber3, as the new update is known, can also disable the user’s two-factor authentication before attempting to spread the malware to those on the user’s friends list. The password itself is stolen in text form, so the attackers can easily see the user’s credentials before attempting to use that information to compromise accounts on other services. This is just one of the reasons why it’s important not to use the same password on multiple sites.
AnarchyGrabber3 is a silent plugin until it’s script is activated. After activation, it begins to load other JavaScript files by logging the user out of Discord and prompting them to log back in. After the user does so, AnarchyGrabber3 automatically attempts to disable two-factor authentication on the user’s account. Then, AnarchyGrabber3 takes advantage of Discord’s webhook services to send not only the user’s email address and login name to a compromised server, but also the user token, IP address, and their password. It can even decipher remote voice commands and send messages from the compromised user to their friends list.
Detecting AnarchyGrabber3
AnarchyGrabber3 is also good at avoiding detection. This malware works by modifying JavaScript code that the Discord client loads when it starts up. Once that code is modified, the malware itself seems to vanish.
There is, however, a way to tell if your computer has been affected. Simply open Discord’s index.js file with notepad and look for a single line of code that looks like this:
module.exports = require(‘./core.asar’)
If your client contains no other code, then it likely hasn’t been infected with the trojan.
One reason for the rise in these attacks is that its creators have made the AnarchyGrabber code freely available and tutorials are easy to find on streaming video sites. That makes it easy for even relatively unskilled hackers to launch attacks.
Although the potential damage caused by AnarchyGrabber might seem fairly low, the danger of having a primary password that is used across different platforms stolen cannot be understated. So gamers, make sure that you are protected against more than just the rival team in your first-person shooter tournament!
