Be careful using Discord: they are stealing key information from users and servers
When a victim extracts the compressed file, they will find a Windows shortcut titled “Loader GAYve,” and if executed, you are in trouble.
Trellix cybersecurity researcher Gurumoorthi Ramanathan details the malware and data extraction techniques used by hackers to attack Discord, the most used application by gamers to communicate.
According to the report, threat actors have built a sophisticated infostealer called NS-STEALER. They distribute it through ZIP files disguised as cracked software (pirated Windows 11 or unlicensed Photoshop).
When a victim extracts the compressed file, they will find a Windows shortcut titled “Loader GAYve” that, if executed, will deploy a malicious Java program.
This program will do two things: first, it will create a folder called “NS-<11-digit_random_number>”, where it will store all the collected information. Then, it will start capturing the data.
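The two names given above lend themselves to a quick triage sweep of a user profile or extracted archive. The following is an added example, not code from the Trellix report or from the article's author: it assumes the shortcut is stored on disk as "Loader GAYve.lnk", and the directory to search is the analyst's choice, since the article does not say where the "NS-" folder is created. Name matches are only a lead for further analysis, not proof of infection.

```python
import os
import re
import tempfile

# Names taken from the article: the data folder "NS-<11-digit_random_number>"
# and the shortcut titled "Loader GAYve". The ".lnk" extension is an assumption.
STAGING_DIR = re.compile(r"^NS-\d{11}$")
LURE_SHORTCUT = "loader gayve.lnk"


def sweep(root):
    """Walk `root` and return sorted (kind, path) findings."""
    findings = []
    # Unreadable directories are skipped instead of aborting the sweep.
    for current, dirs, files in os.walk(root, onerror=lambda err: None):
        for name in dirs:
            if STAGING_DIR.match(name):
                findings.append(("staging_dir", os.path.join(current, name)))
        for name in files:
            if name.lower() == LURE_SHORTCUT:
                findings.append(("lure_shortcut", os.path.join(current, name)))
    return sorted(findings)


def demo():
    """Sweep a constructed directory tree (sample data, not real artifacts)."""
    with tempfile.TemporaryDirectory() as root:
        crack = os.path.join(root, "Downloads", "crack")
        temp = os.path.join(root, "Temp")
        os.makedirs(crack)
        os.makedirs(os.path.join(temp, "NS-12345678901"))   # 11 digits: match
        os.makedirs(os.path.join(temp, "NS-1234567890"))    # 10 digits: ignored
        os.makedirs(os.path.join(temp, "NS-123456789012"))  # 12 digits: ignored
        open(os.path.join(crack, "Loader GAYve.lnk"), "w").close()
        open(os.path.join(crack, "readme.txt"), "w").close()
        return [(kind, os.path.relpath(path, root)) for kind, path in sweep(root)]


if __name__ == "__main__":
    for kind, path in demo():
        print(kind, path)
```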
Looking for sensitive data to steal money
NS-STEALER will search for information stored in over two dozen browsers: cookies, credentials, and autofill data. It will then start taking screenshots of the infected device, collecting system information and the list of programs installed on the device.
Then it will extract Discord tokens, as well as Steam and Telegram session data. Finally, it will exfiltrate all of the above to a Discord bot channel. That's where all the information ends up so the attackers can monetize it.
Alert! New Java #malware "NS-STEALER" uses bots to steal your logins and wallet data from popular browsers and exfiltrates secrets via Discord.
“Taking into account the highly sophisticated function of collecting sensitive information and the use of X509Certificate to support authentication, this malware can quickly steal information from the victim’s systems with [Java Runtime Environment]”, explains Ramanathan.
This is not the first time that hackers have found a way to abuse Discord for their nefarious purposes. In fact, Discord has been targeted by hacks for years.
Be careful and do not download anything suspicious through Discord or unreliable websites.
Author: Chema Carvajal Sarabia