![]() ![]() Once it finds one it will send a message to your Discord server via Discord Webhooks which will contain the token. Once executed it will look through the file system and attempt to locate a Discord Account Tokens. The attacker can easily distribute AnarchyGrabber3 to more targets or spread other types of malware. Like mentioned above, this tool is written in Python and can be used on Windows and OSX systems to exfiltrate Discord Tokens.Then where it says WEBHOOKURLHERE, put a webhook url and you are good Now send the script to a friend and tell them to run it on as a bookmarklet or pasting it into console. It is very simple to setup, first copy the script. Once a victim logs in, the modified Discord client disables 2FA on their account, and sends the user's email address, user token, login name, plain text password, and IP address to a Discord channel under the attacker's control. Here is a simple Discord Token grabber that sends information in a discord webhook.The malicious scripts log out the user from the Discord client and prompt them to log in. When Discord is started, it loads a file named inject.js, which further loads another spiteful javascript file called discordmod.js into the client. ![]() ![]() Once installed, the malware tweaks the Discord client’s file to stack the JavaScript files added by AnarchyGrabber3.Using the stolen plain text passwords, cybercriminals can conduct credential stuffing attacks to undermine victims’ accounts on other sites.The modified version, AnarchyGrabber3, can steal victims’ plain text passwords and command them to spread malware to their friends on Discord.There’s a lot more going on in the backend ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |