Hackers update AnarchyGrabber trojan malware to steal Discord tokens, IDs and passwords

As per reports, one of the popular Trojan malware has been updated by hackers so that it can steal passwords, user Discord tokens and disables two factor authentication besides spreading to victim's friends. This is the second update that has reached the Trojan this year after the update it got in April that helped it bypass antivirus software and steal user account details on the Discord chat service. Named AnarchyGrabber3, the Trojan is spread free of cost on hacker forums and on YouTube videos that explain how to steal Discord user tokens, reports Bleeping Computer.

The threat actors then usually spread the Trojan on Discord, posing it to be a game's cheat, hacking tool or a copyright software. After the updated version of AnarchyGrabber is installed, it reportedly modifies the Discord client's JavaScript files, essentially making it a malware that steals the user's Discord token.

You may be interested in

MobilesTablets Laptops

7% OFF

Apple iPhone 15 Pro Max

• Black Titanium
• 8 GB RAM
• 256 GB Storage

Discounted price:₹148,900Original price:₹159,900

Buy now

Google Pixel 8 Pro

• Obsidian
• 12 GB RAM
• 128 GB Storage

₹106,998

Check details

34% OFF

Samsung Galaxy S23 Ultra 5G

• Green
• 12 GB RAM
• 256 GB Storage

Discounted price:₹98,799Original price:₹149,999

Buy now

Apple iPhone 15 Plus

• Black
• 6 GB RAM
• 128 GB Storage

₹87,900

Check details

34% OFF

Xiaomi Pad 6

• Mist Blue
• 6 GB RAM
• 128 GB Storage

Discounted price:₹26,299Original price:₹39,999

Buy now

55% OFF

Lenovo Tab M10 5G

• Abyss Blue
• 6 GB RAM
• 128 GB Storage

Discounted price:₹20,999Original price:₹47,000

Buy now

32% OFF

Realme Pad 2

• Imagination Grey
• 6 GB RAM
• 128 GB Storage

Discounted price:₹19,749Original price:₹28,999

Buy now

Honor Pad X9

• Gray
• 4 GB RAM
• 128 GB Storage

₹14,999

Check details

21% OFF

Acer Swift Go SFG14 41 NX KG3SI 002 Laptop

• Pure Silver
• 8 GB RAM
• 512 GB SSD

Discounted price:₹58,999Original price:₹74,999

Buy now

39% OFF

Acer Aspire 5 A515 57G Laptop

• Gray
• 16 GB RAM
• 512 GB SSD

Discounted price:₹54,949Original price:₹89,999

Buy now

22% OFF

Acer Aspire 3 A315 24 NX KDESI 004 Laptop

• Silver
• 8 GB RAM
• 512 GB SSD

Discounted price:₹33,499Original price:₹42,999

Buy now

40% OFF

Asus VivoBook 15 X515JA BQ322WS Laptop

• Transparent Silver
• 8 GB RAM
• 512 GB SSD

Discounted price:₹31,350Original price:₹51,990

Buy now

Also read: Kaspersky: 83% don't use password managers, more than half unaware if these have been compromised

AnarchyGrabber3, in particular, is said to modify the Discord client's index.js file and load a malicious script called ‘discordmod.js.' This apparently logs out the user and then asks him/her to log in again. When the victim tries to log in, the malicious script tries to disable the 2FA security layer. This is followed by the use of webhook to extract the user's email ID, login name, user token, plain text password and IP address to a Discord channel that is controlled by the hacker. It can even perform commands given by the attacker, one of which is to send a message to the victim's friends, spreading the Trojan malware even more.

While it is difficult for anyone to recognise if the Discord account has been affected AnarchyGrabber3 right away, there is a way to find out. One can open Discord's index.js file in %AppData%\Discord\[version]\modules\discord_desktop_core with Notepad and check for a line of code that appear like this: “module.exports = require('./core.asar')”. If you can see that, your system is most likely affected.