12/14/2023 0 Comments Discord token![]() The marketplace sells both standalone Nitro keys and entire accounts that have Nitro enabled. For example, this can be seen in the “” marketplace: Attackers may be targeting Discord accounts that have purchased Nitro in order to resell them for cheap in an online marketplace. ” This service currently costs $100 per year and unlocks several cosmetic options for the user (emojis, badges, etc.) and the option to “boost” chosen servers which enhances the call & video quality of streams on that server. A victim is much more likely to accept (and execute) an arbitrary file from a friend’s account on Discord, versus a file sent by a complete stranger.ĭiscord operates a premium service called “ Discord Nitro. Hacked Discord accounts can be used for social engineering purposes, to keep spreading malware – either manually or automatically via a worm. If an attacker obtains arbitrary Discord users/servers, this allows for better attack anonymization since any attack using these credentials would be traced to the legitimate user and not the attacker. In our previous research, we noted that the “noblesse” malware family uses Discord webhooks to exfiltrate stolen data. Alternatively, the Discord servers can be used as an anonymous exfiltration channel.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |