Expert Comments

Expert On AnarchyGrabber Trojan Update Stealing Discord Clients Passwords

Expert(s): Security Experts
Expert(s): Security Experts

Hackers have updated the AnarchyGrabber trojan to a new version which is capable of stealing passwords and user tokens, disabling 2FA and spreading malware to a victim’s friends as well.

AnarchyGrabber is distributed for free on hacking forums and in YouTube videos and the trojan is used by cybercriminals on Discord who claim it is a game cheat, hacking tool or copyrighted software. Instead it modifies the Discord client’s JavaScript files to turn it into malware that can steal a victim’s Discord user token which is then used by an attacker to log into the popular chat service as the victim.

Experts Comments

May 29, 2020
Dr. Muhammad Malik
Editor-in-Chief
Information Security Buzz
This popular Trojan malware has been updated by hackers to modify the chat platform Discord client’s %AppData%\m\Discord\[version]\modules\discord_desktop_core\index.js file upon successful installation and this will give the malware ability to load JavaScript files. The updated AnarchyGrabber trojan has the capability to steal passwords and user tokens on this popular chat platform, spreading all kinds of malware to a victim’s friends and disabling 2FA as well. The user can checked if.....Read More
This popular Trojan malware has been updated by hackers to modify the chat platform Discord client’s %AppData%\m\Discord\[version]\modules\discord_desktop_core\index.js file upon successful installation and this will give the malware ability to load JavaScript files. The updated AnarchyGrabber trojan has the capability to steal passwords and user tokens on this popular chat platform, spreading all kinds of malware to a victim’s friends and disabling 2FA as well. The user can checked if they are infected by opening the %AppData%\Discord\[version]\modules\discord_desktop_core\ \index.js file and confirm it ONLY contain this code: “module.exports = require(‘./core.asar’);”. If any other code is present, the user is infected. In this case the user should uninstall Discord client from the machine, run the endpoint protection tools such as Anti-virus and install the updated version of Discord Client. It is best security practice to download the software from the official vendor website.  Read Less
May 27, 2020
Michael Barragry
Operations Lead and Security Consultant
Edgescan
Although previous versions have been blocked by anti-virus, newer versions appear to have been able to bypass anti-virus signature detection. Clients which have a dependency upon Javascript are especially attractive targets for attackers given the versatility that Javascript offers. Registered users should examine the Discord Javascript index.js file as outlined in the linked article for signs of infection. If infection is found to be present, users should consider their account as good as.....Read More
Although previous versions have been blocked by anti-virus, newer versions appear to have been able to bypass anti-virus signature detection. Clients which have a dependency upon Javascript are especially attractive targets for attackers given the versatility that Javascript offers. Registered users should examine the Discord Javascript index.js file as outlined in the linked article for signs of infection. If infection is found to be present, users should consider their account as good as compromised. Additionally, all users should maintain an up to date anti-virus solution as part of their personal security best practice.  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.
SUBMIT

You may also like

DNA Testing Firm Discloses Data Breach Affecting 2.1 Million People

Data Hacked For 400,000 LA Patients

IKEA Suffering Ongoing “Reply-Chain” Email Attack

Cybersecurity Expert Reaction On UK’s Financial Regulator Scraps 90-day Authentication...

DNA Testing Firm Discloses Data Breach Affecting 2.1 Million People

Panasonic Becomes Latest Victim Of Data Breach – Security Expert...

Clearview’s £17 Million Fine For Processing 10+ Billion Images Is...

Booz Allen Report On CISOs And China Quantum Computing Risks,...

Experts Reactions On Sky Broadband Hack Warning

Ransomware Set To Break Records This Black Friday 2021

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts