The Discord platform has a very dangerous malware called Spidey Bot which can steal users’ username and password. Discord, for those not familiar with it, is a messaging and VoIP application designed specifically for the gamer community. In May 2019 there are over 250 million users actively using it.
Discord victim of malware: risks for users
The most dangerous action that the malware performs on Discord, called Spidey Bot, is to copy the first 50 characters of the Windows clipboard. Depending on how you use it, it may contain very important data such as passwords that you have recently copied.
Other personal information that is captured on the chat and messaging service preferred by gamers around the world includes IP address, phone number, email and user token.
Finally, icing on the cake, the malware on Discord creates a “backdoor” to be able to install other types of viruses and malware on your computer. At the moment it seems that only the PC app is infected, so Mac users are safe, as are the apps available for Android and iOS.
Probably because, although the desktop apps for PC and Mac are both based on Electron, an open-source framework that is reduced to the bone is only a web browser, the malware was developed specifically to infect Windows computers, which have a decidedly widespread distribution greater than macOS.
It appears that the first infections were propagated due to some cheats for Roblox and other games shared between users.
Discord Malware: how to protect yourself
There is no way to get infected if files of dubious origin are not opened, such as game cheats. So if you don’t open files or links that you don’t feel 100% sure about Discord, you can breathe a sigh of relief. But there is a way to check if your Discord desktop installation has been infected.
Unfortunately, there’s not much any app can do to prevent something like this. However, you should always be cautious about clicking strange links and even more suspicious of downloading unknown software from unverified sources. Doing so could lead to things like this.
— Discord (@discordapp) October 24, 2019
The Spidey Bot malware targets only two files:
- % AppData% \ Discord \ [version] \ modules \ discord_modules \ index.js
- % AppData% \ Discord \ [version] \ modules \ discord_desktop_core \ index.js
Open both files with the Notepad application: each of them should contain a single line of code. If there is more than one line of code, your Discord installation has been infected: proceed to uninstall it as soon as possible, and perform a thorough scan with your favorite antivirus software.