{"id":271763,"date":"2024-01-24T06:04:59","date_gmt":"2024-01-24T11:04:59","guid":{"rendered":"https:\/\/sftarticles.wpenginepowered.com\/es\/?p=325264"},"modified":"2025-07-01T17:10:16","modified_gmt":"2025-07-02T00:10:16","slug":"be-careful-using-discord-they-are-stealing-key-information-from-users-and-servers","status":"publish","type":"post","link":"https:\/\/cms-articles.softonic.io\/en\/be-careful-using-discord-they-are-stealing-key-information-from-users-and-servers\/","title":{"rendered":"Be careful using Discord: they are stealing key information from users and servers"},"content":{"rendered":"\n

Trellix cybersecurity researcher Gurumoorthi Ramanathan details the malware and data extraction techniques used by hackers to attack Discord, the most used application by gamers to communicate.<\/p>\n\n\n

\r\n
\r\n
\r\n
\r\n \"Discord\"\r\n <\/div>\r\n
\r\n Discord<\/span>\r\n DOWNLOAD<\/a>\r\n <\/div>\r\n
\r\n <\/path><\/path><\/text><\/svg>\r\n <\/div>\r\n <\/div>\r\n
\r\n <\/span>\r\n <\/div>\r\n
\r\n \r\n <\/div>\r\n <\/a>\r\n <\/div>\r\n<\/div>\n\n\n\n

According to the report<\/a>, threat actors have built a sophisticated infostealer called NS-STEALER. They distribute it through ZIP files disguised as cracked software<\/strong> (pirated Windows 11 or unlicensed Photoshop).<\/p>\n\n\n\n

When a victim extracts the compressed file, they will find a Windows shortcut titled “Loader GAYve” that, if executed, will deploy a malicious Java program.<\/p>\n\n\n\n

This program will do two things:<\/strong> first, it will create a folder called “NS-<11-digit_random_number>”, where it will store all the collected information. Then, it will start capturing the data.<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Looking for sensitive data to steal money<\/h2>\n\n\n\n

NS-STEALER will search for information stored in over two dozen browsers: <\/strong>cookies, credentials, and autofill data. It will then start taking screenshots of the infected device, collecting system information and the list of programs installed on the device.<\/p>\n\n\n\n

Then it will extract Discord tokens, as well as Steam and Telegram session data<\/strong>. Finally, it will filter all of the above to a Discord Bot channel. That’s where all the information ends up to monetize the hacking.<\/p>\n\n\n\n

\n

Alert! New Java #malware<\/a> "NS-STEALER" uses bots to steal your logins and wallet data from popular browsers and exfiltrates secrets via Discord.

Learn more: https:\/\/t.co\/vAdo3RQt3A<\/a>#cybersecurity<\/a><\/p>— The Hacker News (@TheHackersNews) January 22, 2024<\/a><\/blockquote>