Discord is one of the most used platforms today to carry out communications in different environments, such as video games, having left Skype in the background. Now are using several npm packages to be able to infect these users Discord with the aim of stealing your bank card details.

This malware has been detected this time by Igor Kuznetsov and Leonid Bezvershenko is a variant of the Volt Stealer token logger, Python-based, and JavaScript malware called Lofy Stealer. Specifically, it was on July 26 that four really suspicious packages were detected when monitoring open source repositories.

A malware that uses Python and Java to attack you

When analyzing these packages, it was possible to detect malicious Python and JavaScript code, which was automatically implemented after installing the módulos small-sm , pern-valids , lifeculer o proc-title. Once in the system, they began to capture relevant information such as IP addresses and also monitor users. But the most important thing of all is that data was obtained from the subscription system in Discord, accessing your bank information.

With the latter we refer mainly to the logins that are made, the password change attempts, and also the control of two-factor authentication. Once you have all your data, it is uploaded to multiple instances that are hosted on Replit with fully encrypted addresses.





Obviously, when this data is uploaded to external servers, the attackers will have practically complete access to all your information, and you will be able to see how some payments are fraudulently generated with your cards. For now, the researchers are monitoring this malware in order to find out more about it and especially the method of detecting and removing it.

For now, until there is more information about it, you should be very careful with all the files that you are going to download to your computer. Also, when entering bank details on services like Discord, it is important to use virtual cards or external platforms such as PayPal for greater security.

Via | BleepingComputer