In just five short years, Discord’s popularity with gamers has soared. Today, Discord has 250 million registered users and around 15 million of them active on any given day… which is why it’s become a popular target for cybercriminals. One persistent threat that has plagued Discord for some time is AnarchyGrabber. It’s a particularly stealthy trojan that can steal users’ credentials and authentication tokens.
MalwareHunterteam spotted an updated version of AnarchyGrabber this week. It can now steal unencrypted passwords and send them back to the attacker. It also actively seeks new victims by targeting a user’s friends on Discord. The malware is fairly good at avoiding detection, too. AnarchyGrabber works by modifying JavaScript code that the Discord client loads when it starts up. Once that code is modified, the malware itself more or less vanishes.
Source: Forbes
