Site icon TheDailyCheck.net

Hackers have found a new way to hijack your Discord account

Cybercriminals have found a new way to steal your Discord account using the npm open-source repository alongside a couple of malware (opens in new tab) variants.

As reported by Kaspersky, which first spotted the campaign it dubbed LofyLife, the criminals have  created four malicious packages that spread two different malware variants: Volt Stealer, and Lofy Stealer. 

These packages have been distributed through the repository, where they’re being adopted by various developers. Once integrated, the malware will seek to harvest different information from the victims, including Discord tokens, credit card information, and other types of sensitive, and potentially identifiable data. 

Tracking password changes

Kaspersky says the malicious packages are designed for basic tasks, such as formatting headlines, or some gaming functions. However, digging deeper from the surface, the researchers discovered obfuscated malicious JavaScript and Python code. VoltStealer was written in Python, and Lofy Stealer in JavaScript.

VoltStealer is the one stealing Discord tokens from compromised endpoints. Besides that, it also grabs the victims’ IP addresses and uploads them via HTTP. 

Lofy Stealer, on the other hand, has the ability to infect Discord client files and monitor the victims’ actions. It can track when the user logs in, changes their login details (both email and password (opens in new tab)), when they change or disable multi-factor authentication (opens in new tab), or add a new payment method, including the details of the credit card. All of this data is then uploaded to a remote server.

Threat actors love attacking Discord, as it’s the go-to communications platform for developers, gamers, and blockchain and NFT aficionados. As such, it’s filled with potentially lucrative fraud opportunities. 

The npm repository, on the other hand, is a public library of open-source code, used by many developers building front-end web apps, mobile apps, bots, or routers. The JavaScript community is seemingly heavily dependent on npm, making LofyLife that much more dangerous.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TheDailyCheck is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – abuse@thedailycheck.net The content will be deleted within 24 hours.
Exit mobile version