Researchers have uncovered a new malware campaign that turns popular gaming chat service Discord (opens in new tab) into a dangerous account stealer.
Discovered by MalwareHunterTeam, the NitroHack malware masquerades as a software crack that gives users free access to Discord Nitro, the service’s premium subscription tier.
However, upon installation, the malware (opens in new tab) modifies the Discord client for Windows, turning it into a trojan capable of stealing account credentials and financial information, and then attempts to transmit itself to the victim’s friends and communities.
- Check out our list of the best malware removal software (opens in new tab) around
- Here's our list of the best password managers (opens in new tab) available
- We've built a list of the best ransomware protection services (opens in new tab) out there
The malware also reportedly affects users of the Discord web client.
The malware is also persistent, prompting Discord to deliver the victim’s login credentials to the hacker each time the client is booted up, and transmits itself to a victim’s friends via direct message.
In a bid to steal credit card information, meanwhile, the malware hunts for saved payment details attached to the infected user’s account.
NitroHack is also able to evade security software, which might recognize and address the malicious executable file, but is unlikely to register the modification of the Discord client.
Users can check whether their client has been compromised by opening %AppData%\\Discord\0.0.306\modules\discord_voice\index.js using Notepad or a similar software. If unmodified, the file should end with “module.exports = VoiceEngine;”.
- Here's our list of the best antivirus services (opens in new tab) on the market
Via Bleeping Computer (opens in new tab)