The Discord platform has a very dangerous malware called Spidey Bot which can steal users’ username and password. Discord, for those not familiar with it, is a messaging and VoIP application designed specifically for the gamer community. In May 2019 there are over 250 million users actively using it.

Discord victim of malware: risks for users

The most dangerous action that the malware performs on Discord, called Spidey Bot, is to copy the first 50 characters of the Windows clipboard. Depending on how you use it, it may contain very important data such as passwords that you have recently copied.

Other personal information that is captured on the chat and messaging service preferred by gamers around the world includes IP address, phone number, email and user token.

Finally, icing on the cake, the malware on Discord creates a “backdoor” to be able to install other types of viruses and malware on your computer. At the moment it seems that only the PC app is infected, so Mac users are safe, as are the apps available for Android and iOS.

Read also: 21 contaminated Apps found in Play Store installed by millions, eliminate them immediately

Probably because, although the desktop apps for PC and Mac are both based on Electron, an open-source framework that is reduced to the bone is only a web browser, the malware was developed specifically to infect Windows computers, which have a decidedly widespread distribution greater than macOS.

It appears that the first infections were propagated due to some cheats for Roblox and other games shared between users.

Discord Malware: how to protect yourself

There is no way to get infected if files of dubious origin are not opened, such as game cheats. So if you don’t open files or links that you don’t feel 100% sure about Discord, you can breathe a sigh of relief. But there is a way to check if your Discord desktop installation has been infected.

The Spidey Bot malware targets only two files:

  • % AppData% \ Discord \ [version] \ modules \ discord_modules \ index.js
  • % AppData% \ Discord \ [version] \ modules \ discord_desktop_core \ index.js

Open both files with the Notepad application: each of them should contain a single line of code. If there is more than one line of code, your Discord installation has been infected: proceed to uninstall it as soon as possible, and perform a thorough scan with your favorite antivirus software.

Izaan Zubair
Izaan's inquisitive in technology drove him to launch his website Tech Lapse. He usually writes pieces on emerging technology, anime, programming and alike niches. He can be reached at [email protected]
0 0 votes
Article Rating
Notify of
Inline Feedbacks
View all comments

You may also like

More in:Global