All news with #discord tag

RedTiger Infostealer Used to Steal Discord Accounts

🛡️ Attackers have compiled the open-source RedTiger red-team tool into a Windows infostealer that harvests Discord account tokens, payment details, browser credentials, crypto wallet files, and game data. The malware injects JavaScript into Discord's client to capture logins, purchases, and password changes, archives stolen data, and uploads it to GoFile. Users should revoke tokens, change passwords, reinstall Discord from the official site, clear browser data, and enable MFA.

Privacy rankings of popular messaging apps — 2025 Report

🔒 Incogni's Social Media Privacy Ranking 2025, summarized by Kaspersky, evaluates 15 platforms across 18 criteria to compare messaging apps on privacy and data handling. Overall scores place Discord, Telegram and Snapchat near the top, but a subset of practical criteria ranks Telegram first, followed by Snapchat and Discord. The analysis highlights default settings, data collection by mobile apps, handling of government requests, and encryption differences, noting that only WhatsApp provides end-to-end encryption for all chats by default.

Rust-Based ChaosBot Backdoor Uses Discord for C2 Operations

🔒 eSentire disclosed a Rust-based backdoor named ChaosBot that leverages Discord channels for command-and-control, allowing operators to perform reconnaissance and execute arbitrary commands on compromised systems. The intrusion, first observed in late September 2025 at a financial services customer, began after attackers used compromised Cisco VPN credentials and an over-privileged Active Directory service account via WMI. Distribution included phishing LNK files that launch PowerShell and display a decoy PDF, while the payload sideloads a malicious DLL through Microsoft Edge to deploy an FRP reverse proxy. ChaosBot supports commands to run shells, capture screenshots, and transfer files, and newer variants employ ETW patching and VM detection to evade analysis.

Hackers Claim Discord Zendesk Breach Exposed 5.5M Users

🛡️ Discord says it will not pay extortionists who claim to have stolen data from a third‑party customer support service and disputes claims that 2.1 million ID photos were exposed. Attackers allege they obtained 1.6 TB of data from the company's Zendesk instance, impacting 5.5 million users and including partial payment and MFA‑related information. Discord says roughly 70,000 ID photos may have been exposed and characterizes the larger figures as part of an extortion attempt.

ShinyHunters Launch Extortion Site Targeting Corporates

🔓 A cybercrime collective known as ShinyHunters has launched a public extortion blog threatening to publish data stolen from dozens of major companies if ransoms are not paid. The group claims to have harvested Salesforce customer records via a May voice-phishing campaign, and also says it exfiltrated terabytes of files from a Red Hat GitLab server and Discord user data tied to a third-party provider. Security firms and affected vendors including Salesforce, Red Hat and Discord are investigating, while Google and other investigators link the activity to several related UNC clusters and warn of additional token thefts tied to Salesloft. Victim shaming, published exploit scripts for an Oracle E-Business Suite zero-day, and malware-laced threats have amplified the incident’s severity.

Discord discloses data breach after support-ticket hack

🔒 Discord disclosed that attackers accessed a third-party customer support system on September 20 and stole a limited set of user support tickets and associated data. Exposed information included names, usernames, email addresses, IP addresses, messages and attachments, photos of government-issued IDs for a small number of users, and partial billing details such as payment type and the last four card digits. Discord says it isolated the vendor, revoked access, launched an internal and forensics investigation, and engaged law enforcement. The threat actor demanded a ransom and a group claiming responsibility said the breach involved a Zendesk instance.

Identifiable Discord User Data Exposed in Third-Party Breach

🔒 Hackers accessed a third-party customer service system used by Discord on September 20, stealing partial payment details and personally identifying information for a limited number of users who contacted support or Trust and Safety. The attackers appear financially motivated and demanded a ransom. Discord revoked the provider's access, engaged a computer forensics firm, launched an internal investigation, and notified law enforcement. Exposed data included real names, usernames, emails, IP addresses, support messages and attachments, photos of government IDs for a small subset, and partial billing details such as payment type and the last four card digits.