There’s always more information about how to keep your Discord account safe. With the help of a few malware variations and the npm open-source repository, cybercriminals have discovered a new way to steal your Discord account.
The thieves have developed four harmful packages that disseminate two distinct malware variants. Volt Stealer and Lofy Stealer.
These packages have been made available through the repository, where numerous developers are utilizing them. Once incorporated, the virus will try to collect various pieces of information from the victims. Such as credit card numbers, Discord tokens, and other kinds of delicate and perhaps identifying information.
Monitoring changes to passwords to keep your Discord account safe
Discord tokens are taken from hacked endpoints by VoltStealer. Additionally, it seizes the IP addresses of the victims and uploads them using HTTP.
On the other hand, Lofy Stealer has the capacity to infect Discord client files and watch the victims’ activities. It can keep track of when a user logs in, updates their login information (including their email and password), modifies or disables multi-factor authentication, or adds a new payment method that includes credit card information. Then, all of this information is uploaded to a distant server.
Discord is the preferred messaging app for developers, gamers, and fans of blockchain and NFT, therefore threat actors love to target it. As a result, it is rife with opportunities for fraud that might be quite profitable.