New PyPi Malware Pkgs Steal Discord And Roblox Credential & Payment Info, Expert Weighs In

<img src="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2.png?lossy=1&strip=1&webp=1" class="logo-image logo-image-dark" alt="Information Security Buzz" width="171" height="76" srcset="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2-150x67.png?lossy=1&strip=1&webp=1 150w, https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2.png?lossy=1&strip=1&webp=1 171w" sizes="(max-width: 171px) 100vw, 171px" />

<img src="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K.png?lossy=1&strip=1&webp=1" class="logo-image" alt="Information Security Buzz" width="171" height="76" srcset="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K-150x67.png?lossy=1&strip=1&webp=1 150w, https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K.png?lossy=1&strip=1&webp=1 171w" sizes="(max-width: 171px) 100vw, 171px" />

<img src="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2.png?lossy=1&strip=1&webp=1" class="logo-image logo-image-dark" alt="Information Security Buzz" width="171" height="76" srcset="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2-150x67.png?lossy=1&strip=1&webp=1 150w, https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2.png?lossy=1&strip=1&webp=1 171w" sizes="(max-width: 171px) 100vw, 171px" />

<img src="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K.png?lossy=1&strip=1&webp=1" class="logo-image" alt="Information Security Buzz" width="171" height="76" srcset="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K-150x67.png?lossy=1&strip=1&webp=1 150w, https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K.png?lossy=1&strip=1&webp=1 171w" sizes="(max-width: 171px) 100vw, 171px" />

credentials

A dozen malicious PyPi packages have been discovered by researchers at Snyk installing malware that modify the Discord client to steal data from web browsers and Roblox.

The popular online chat application, Discord, is also a target. The malware exfiltrates Discord tokens and injects a persistent malicious agent in the process. This malicious code, known as Discord Injector, can relay an alarming amount of information to the attacker. Not only will it share your credentials, but it can also skim your credit card information if you input it after the injector is loaded.

The packages pretend to be Roblox tools such as thread management and basic hacking modules but in fact simply install password-stealing malware on developers’ devices.

About the Author

ISBuzz Team

The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.

Information Security Buzz is an independent resource that provides the experts’ comments, analysis, and opinion on the latest Cybersecurity news and topics

Working With Us

Write For Us

The Pages