We have developed not-for-sale applications that allow us to generate accounts for Discord, which we can then use to boost a server's member count by joining these accounts to a specific server. All accounts are created with realistic usernames and profile pictures – some even have a Hypesquad badge etc. – to make them look as legit as possible. All usernames and profile pictures have been scraped from real users on real, big Discord servers and communities.
Generally, we differentiate between offline and online boostings. Offline boostings work as described, but the members are permanently offline, while with online boostings all joined members follow a realistic online/offline cycle to simulate going to sleep in different time zones. Additionally, all online-boosted members have a random chance to start playing a game like Minecraft, Fortnite, CS:GO and many more, and switch their statuses from online to DnD or idle and back.
If you want to grow your server more organically, our invite-only Mass DM program allows for messaging real users on small or big Discord servers, whom you can entice to join your community on Discord or elsewhere. We cannot guarantee that those users will join your community or server – it all depends on the quality of your message and the user's willingness to follow your Call To Action, but we can assist in setting everything up, if you would like help with that.
A new version of the AnarchyGrabber Trojan has been spotted that can be used by threat actors to steal plain text passwords, disable 2FA and even spread the malware to the friends added on the accounts of unaware users with infected clients. Previous versions of AnarchyGrabber could be used by threat actors to steal Discord user tokens to gain access to victims' accounts. According to a report by BleepingComputer, AnarchyGrabber has recently been updated with more powerful features.
The malware can modify a JavaScript file of the Discord client so that the client loads additional files from the malware's own folder. When the malicious files are loaded, the Discord client is compromised and the victim is forced to log back into their account. After an unaware user logs in, the compromised client will try to disable 2FA. The malware then sends credentials such as the email address, login name, user token, plain text password, and IP address through a webhook to the threat actor's Discord channel. With 2FA disabled and access to the credentials, threat actors can access the victim's accounts. Additionally, the plain text passwords can be used in credential-stuffing attacks on the victim's accounts on other platforms.
The infected client can also take commands from threat actors to spread AnarchyGrabber and other types of malware to the friends added on the compromised account. This command makes the client send a message containing malware to all the friends added on the account. Bleeping Computer adds that the malware is undetectable by antivirus software because, after it compromises the Discord client, its executable stops running.
You can check whether your client is infected with this malware by checking the unmodifiable JavaScript file located at %AppData%\Discord\\modules\discord_desktop_core\index.js. To open it, enter this location in Windows Run.