AnarchyGrabber hack steals Discord tokens, IDs and passwords

New trojan software corrupts Discord’s JavaScript files to get your private data

There’s a new trojan version of AnarchyGrabber that steals chatting app Discord passwords and tokens and disables the victim’s two-factor authentication. The malware also compromises accounts on other sites.

Trojan viruses are malicious malware that, despite their innocent appearance, slow your computer, steal user accounts and can cause other significant computer issues. This third version of AnarchyGrabber stalls your computer within minutes and evades detection by modifying client files.

Bleeping Computer reported, “earlier this week, a threat actor released a modified AnarchyGrabber trojan that contains new and powerful features.”

Malicious actors download AnarchyGrabber for free from hacker forums and YouTube videos that explain how to steal Discord user tokens. They distribute the malware on Discord, presenting it as a hacking tool, game cheat or copyrighted software. Once installed, the malware corrupts the user’s Discord JavaScript files, subsequently taking over the site.

You can check whether you’ve been hacked through the following two steps:

First, use Notepad to open Discord's index.js file in %AppData%\Discord\[version]\modules\discord_desktop_core. Second, check for the following code: “module.exports = require('./core.asar')”. If you’re unfortunate enough to have that, you’ve been hacked.

What now? PCMalware.com guides you through two options to delete AnarchyGrabber. It urges you to act the moment you suspect your system has been infected.

Josh Ross, IT enthusiast, told IT Pro: “If you do not care about your files, programs or any other work that you may have on your PC, I would recommend doing a full clean reinstall of your Windows, and you are good to go.

"A more complicated way would be a thorough cleanup of your PC. I recommend installing some form of Adblock on your PC just to get rid of ad-spread malware and trojans.”

Avoid AnarchyGrabber by ignoring emails that come with subject lines such as “Urgent”, “Act Now” or “Best Price.” Also disregard attachments from spurious or unknown email senders.

Featured Resources

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Simplify cluster security at scale

Centralised secrets management across hybrid, multi-cloud environments

Download now

The endpoint as a key element of your security infrastructure

Threats to endpoints in a world of remote working

Download now

2021 state of IT asset management report

The role of IT asset management for maximising technology investments

Download now

Recommended

What is hacktivism?
hacking

What is hacktivism?

13 Oct 2020
Microsoft: Iranian hackers are exploiting ZeroLogon flaw
Security

Microsoft: Iranian hackers are exploiting ZeroLogon flaw

6 Oct 2020
The Ritz suffers data breach after hackers pose as staff
data breaches

The Ritz suffers data breach after hackers pose as staff

17 Aug 2020
Russia hacked Liam Fox's personal email to steal trade documents
phishing

Russia hacked Liam Fox's personal email to steal trade documents

4 Aug 2020

Most Popular

Microsoft CEO warns of video call fatigue
video conferencing

Microsoft CEO warns of video call fatigue

7 Oct 2020
Raspberry Pi Compute Module 4 launches with PCIe support
Hardware

Raspberry Pi Compute Module 4 launches with PCIe support

19 Oct 2020
Google blocked record-breaking 2.5Tbps DDoS attack in 2017
Security

Google blocked record-breaking 2.5Tbps DDoS attack in 2017

19 Oct 2020