A dozen malicious PyPi packages have been discovered by researchers at Snyk installing malware that modify the Discord client to steal data from web browsers and Roblox.
- The popular online chat application, Discord, is also a target. The malware exfiltrates Discord tokens and injects a persistent malicious agent in the process. This malicious code, known as Discord Injector, can relay an alarming amount of information to the attacker. Not only will it share your credentials, but it can also skim your credit card information if you input it after the injector is loaded.
The packages pretend to be Roblox tools such as thread management and basic hacking modules but in fact simply install password-stealing malware on developers’ devices.