Discord-Focused Malware AnarchyGrabber Evolves, Now Attacking Users’ Direct Contacts
/ of 30 sources
An updated version of the AnarchyGrabber trojan has begun circulating the Internet posing a threat to the communication app Discord users. The malware is reportedly geared to steal users’ passwords and tokens, disable two-factor authentication (2FA), and even spread the attack on a victim’s contacts, Bleeping Computer reported on May 24.
AnarchyGrabber is a malicious program that particularly targets Discord users. Once installed, the malware is capable of initiating damaging activities in a victim’s computer system, stealing personal data, spying on its victims, and manipulating the system’s processes, among other things.
AnarchyGrabber Continues to Develop, Posing New Threats
Bad actors distribute AnarchyGrabber on Discord disguising it as a game cheat, hacking tool, or copyrighted software. Last week, the community detected a new version of the malware dubbed AnarchyGrabber3.
The modified version’s features now enable cybercriminals to steal users’ plain text password and command an infected client to spread the malicious program to a victim’s contacts on Discord.
The modified client then runs commands received from the attacker, wherein one of those commands orders the modified client to send a message—that contains malware within it— to all of the logged-in user’s friends.
Communication Apps Fall Victim to Increased Hacker Attacks
Hacker attacks on communication applications have gained traction in recent months given people’s growing demand for staying in touch with friends and relatives amid the coronavirus pandemic.
Most recently, researchers found two new malware files disguised as installers for the communication app Zoom. Once downloaded and installed, one of the malicious files that mimics the Zoom installer sets up a backdoor that enables criminals to initiate malicious processes remotely. The other file installs the so-called Devil Shadow botnet in devices.
Also, a group of cybersecurity researchers detected a severe security vulnerability in Bluetooth-based communication that can potentially enable bad actors to impersonate any Bluetooth master or slave device, earlier in May. The probe showed that during BIAS attacks criminals can obtain all sorts of data, according to the device that the attacker is impersonating.
Meanwhile, Google is planning to implement end-to-end encryption into its communication app, Google Messages. This will apparently keep third-parties from message tampering.
Written by Ana Alexandre
Chainalysis expands Series B round, raising US$13M
Chainalysis was founded in New York in 2014 by Michael Gronager and Jonathan Levin. Gronager serves as the CEO while Levin serves as the CSO of the...
Stalkerware Usage in on the Rise as Domestic Violence Rates Surge During Lockdown
The global deployment of spy and stalking applications has surged by as much as 51% since the world’s governments introduced the lockdown in March,...
BitClub Co-Creator Pleads Guilty to $722 Million Ponzi Scheme
The co-creator of the massive crypto Ponzi scheme BitClub has pled guilty for his role in the scam which defrauded investors of at least $722 million...