Discord-Focused Malware AnarchyGrabber Evolves, Now Attacking Users’ Direct Contacts
An updated version of the AnarchyGrabber trojan has begun circulating the Internet posing a threat to the communication app Discord users. The malware is reportedly geared to steal users’ passwords and tokens, disable two-factor authentication (2FA), and even spread the attack on a victim’s contacts, Bleeping Computer reported on May 24.
AnarchyGrabber is a malicious program that particularly targets Discord users. Once installed, the malware is capable of initiating damaging activities in a victim’s computer system, stealing personal data, spying on its victims, and manipulating the system’s processes, among other things.
AnarchyGrabber Continues to Develop, Posing New Threats
Bad actors distribute AnarchyGrabber on Discord disguising it as a game cheat, hacking tool, or copyrighted software. Last week, the community detected a new version of the malware dubbed AnarchyGrabber3.
The modified version’s features now enable cybercriminals to steal users’ plain text password and command an infected client to spread the malicious program to a victim’s contacts on Discord.
The modified client then runs commands received from the attacker, wherein one of those commands orders the modified client to send a message—that contains malware within it— to all of the logged-in user’s friends.
Communication Apps Fall Victim to Increased Hacker Attacks
Hacker attacks on communication applications have gained traction in recent months given people’s growing demand for staying in touch with friends and relatives amid the coronavirus pandemic.
Most recently, researchers found two new malware files disguised as installers for the communication app Zoom. Once downloaded and installed, one of the malicious files that mimics the Zoom installer sets up a backdoor that enables criminals to initiate malicious processes remotely. The other file installs the so-called Devil Shadow botnet in devices.
Also, a group of cybersecurity researchers detected a severe security vulnerability in Bluetooth-based communication that can potentially enable bad actors to impersonate any Bluetooth master or slave device, earlier in May. The probe showed that during BIAS attacks criminals can obtain all sorts of data, according to the device that the attacker is impersonating.
Meanwhile, Google is planning to implement end-to-end encryption into its communication app, Google Messages. This will apparently keep third-parties from message tampering.
Written by Ana Alexandre
Subscribe to our Newsletter<
- Researchers Disclose Bot in Disguise Mining Crypto and Stealing User Data
- Banking Trojan Mekotio Now Targets Cryptocurrencies
- New Report Reveals How Long Hackers Keep Using Compromised Accounts
- North Korean Hackers Create Crypto-Trading Apps to Steal Cryptocurrencies
- CipherTrace: Twitter Hackers Laundered Stolen Bitcoins Through Exchanges and Casinos
- 7th Hacker Congress in Prague to Seek Relief from Digital Totalitarianism
- Former GlobalHell Hacker: The Attack on Twitter Is Way Bigger than Anticipated
- UK, U.S., and Canada Accuse Russia of Hacking Attacks to Steal Secret Research on Covid-19 Vaccine