Discord-Focused Malware AnarchyGrabber Evolves, Now Attacking Users’ Direct Contacts
Posted on 05-25-2020.
An updated version of the AnarchyGrabber trojan has begun circulating on the Internet, posing a threat to users of the communication app Discord. The malware is reportedly geared to steal users’ passwords and tokens, disable two-factor authentication (2FA), and even spread the attack to a victim’s contacts, Bleeping Computer reported on May 24.
AnarchyGrabber is a malicious program that specifically targets Discord users. Once installed, the malware is capable of initiating damaging activities on a victim’s computer system, stealing personal data, spying on its victims, and manipulating the system’s processes, among other things.
AnarchyGrabber Continues to Develop, Posing New Threats
The malware has already been around for some time, and mostly affected
Bad actors distribute AnarchyGrabber on Discord, disguising it as a game cheat, hacking tool, or copyrighted software. Last week, the community detected a new version of the malware dubbed AnarchyGrabber3.
The modified version’s features now enable cybercriminals to steal users’ plaintext passwords and command an infected client to spread the malicious program to a victim’s contacts on Discord.
The modified client then runs commands received from the attacker, one of which orders the modified client to send a message containing malware to all of the logged-in user’s friends.
Communication Apps Fall Victim to Increased Hacker Attacks
Hacker attacks on communication applications have gained traction in recent months given people’s growing demand for staying in touch with friends and relatives amid the coronavirus pandemic.
Most recently, researchers found two new malware files disguised as installers for the communication app Zoom. Once downloaded and installed, one of the malicious files that mimics the Zoom installer sets up a backdoor that enables criminals to initiate malicious processes remotely. The other file installs the so-called Devil Shadow botnet on devices.
Also, earlier in May, a group of cybersecurity researchers detected a severe security vulnerability in Bluetooth-based communication that can potentially enable bad actors to impersonate any Bluetooth master or slave device. The probe showed that during BIAS attacks criminals can obtain all sorts of data, depending on the device that the attacker is impersonating.
Meanwhile, Google is planning to implement end-to-end encryption in its communication app, Google Messages. This will apparently keep third parties from tampering with messages.
Written by Ana Alexandre