NitroHack Modifies Discord, Steals Your Info, And Contacts Your Friends
By: Jim Stickley and Tina Davis
July 17, 2020
Let’s start with Discord. This is a communication tool that helps various communities connect, such as gamers, education providers, and businesses. It’s freeware and to help improve how it can help its users, there are mechanisms that allow others, and even encourages them to code in new functionality. However, while this can be useful, it can also leave the product vulnerable to modification that puts users at risk for various attacks. And in this case, some researchers at MalwareHunterTeam have found this to be the case.
NitroHack malware was found that turns Discord into an account stealer. It masquerades as a “software crack” that will allow users access to the premium services at no charge. However, what really happens is that it steals account credentials and financial information. Subsequently, it also attempts to infect the victims’ friends and communities. It affects the Discord Windows client as well as the web client. Adding insult to injury, it can also bypass security software.
Users who think they may be infected, or just want to make sure they aren’t and are technically savvy enough to do it, can check by opening “%AppData%Discord.0.306modulesdiscord_voiceindex.js. If that file ends with “module.exports = VoiceEngine;” it’s good news. That means the file has not been modified.
This doesn’t mean that it’s dandy to throw cybersecurity caution to the wind. In fact, watching out for malware like this is more important than ever. In May of this year, Discord was attacked as well. That was with an update to the AnarchyGrabber trojan, which was a password and user token stealer. It could disable multi-factor authentication and spread to others. It also involved a modified Discord client file. Likely, this is still making its rounds now too.
A few tips for anyone using Discord:
- Don’t “hack” Discord just for freebies. It’s not worth getting malware and spreading it to others.
- Always make sure antivirus software is installed and kept updated. Although it doesn’t catch everything, it catches a lot of it that would otherwise cause you grief.
- Keep all of your software and apps updated with the latest versions.
- If someone sends a link or attachment in a chat or on a community board, don’t click it unless you are 100% sure it’s safe. Criminals are infiltrating communities and putting links and infected files on those hoping users will click away. If anything seems amiss, don’t click.