11/19/2022 0 Comments Sky grabber cracked![]() ![]() At the same time, we scanned our malware database for samples containing Discord URLs used as next stage payloads or C2’s.įigure 1 shows a breakdown of the top five detections of 1,650 malware samples from the same time period that were delivered from Discord and also contained Discord URLs. In October 2020 alone, we identified more than 5,700 public Discord attachment URLs hosting malicious content, mostly in the form of Windows executable files and archives. This post will detail the technical analysis of TroubleGrabber and provide insights on the generator and its creator. We discovered TroubleGrabber in October 2020 when researching public Discord attachments for our previous blog post, Leaky Chats: Accidental Exposure and Malware in Discord Attachments. ![]() Based on the file names and delivery mechanisms, TroubleGrabber is actively being used to target gamers. This information is sent via webhook as a chat message to the attacker’s Discord server. This malware, which primarily arrives via drive-by download, steals the web browser tokens, Discord webhook tokens, web browser passwords, and system information. TroubleGrabber is written by an individual named “Itroublve” and is currently used by multiple threat actors to target victims on Discord. While it bears some functional similarity to AnarchyGrabber, it is implemented differently and does not appear to be linked to the same group. “TroubleGrabber” is a new credential stealer that is being spread through Discord attachments and uses Discord messages to communicate stolen credentials back to the attacker. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |