Bleeping Computer

Discord client turned into a password stealer by updated malware

A threat actor updated the AnarchyGrabber trojan into a new version that steals passwords and user tokens, disables 2FA, and spreads malware to a victim's friends. AnarchyGrabber is a popular trojan ...
Threat Post

Various Malware Lurks in Discord App to Target Gamers

Research from Zscaler ThreatLabZ shows attackers using spam emails and legitimate-looking links to gaming software to serve up Epsilon ransomware, the XMRrig cryptominer and various data and token ...
Dark Reading

Malicious npm Packages Scarf Up Discord Tokens, Credit Card Info

Four packages containing highly obfuscated malicious Python and JavaScript code were discovered this week in the Node Package Manager (npm) repository. According to a report from Kaspersky, the ...
Infosecurity-magazine.com

Malicious Npm Packages Designed to Steal Discord Tokens

Security researchers have discovered yet another supply chain attack campaign using malicious npm packages, this time targeting Discord users. Kaspersky said it identified four suspicious packages in ...
Bleeping Computer

Hackers steal Discord accounts with RedTiger-based infostealer

Attackers are using the open-source red-team tool RedTiger to build an infostealer that collects Discord account data and payment information. The malware can also steal credentials stored in the ...
Threat Post

Malicious npm Code Packages Built for Hijacking Discord Servers

The lurking code-bombs lift Discord tokens from users of any applications that pulled the packages into their code bases. A series of malicious packages in the Node.js package manager (npm) code ...