![]() The attacker can easily distribute AnarchyGrabber3 to more targets or spread other types of malware.For example you can use a YouTube video link. Here we’ll be using Grabify for the demonstration: First you need to prepare a normal link to reduce suspicion. Once a victim logs in, the modified Discord client disables 2FA on their account, and sends the user's email address, user token, login name, plain text password, and IP address to a Discord channel under the attacker's control. If you’re a tech-savvy user who knows how to get information from an IP address, you can use a public IP grabber to sniff the IP with a logger link.The malicious scripts log out the user from the Discord client and prompt them to log in. When Discord is started, it loads a file named inject.js, which further loads another spiteful javascript file called discordmod.js into the client.Once installed, the malware tweaks the Discord client’s file to stack the JavaScript files added by AnarchyGrabber3.Using the stolen plain text passwords, cybercriminals can conduct credential stuffing attacks to undermine victims’ accounts on other sites.The modified version, AnarchyGrabber3, can steal victims’ plain text passwords and command them to spread malware to their friends on Discord.There’s a lot more going on in the backend
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |