I had my Discord Account stolen, all is now well
4 years ago
So how I got hacked:
It was a confidence trick: a friend of a friend dm'd me a zip containing a game he wanted me to test. I downloaded it, unzipped it, waited for antivirus to squawk, it didn't, so ran it and immediately my discord client closed and a scary terminal screen flashed up with debug info, and I saw words like “credit card” - at this point I was hacked.
Logging back in as quick as I could was fruitless, or maybe even part of the attack - the client was compromised, as I would later try logging in with my bot testing alt account and it was immediately sac'd to the hacker gods
I blocked my credit card, and immediately reached out to discord support. I got through level 1 support and was stuck waiting for a specialist overnight.
In the meantime, the hacker started banning ppl from my discord who spoke up about my account being compromised (I tweeted and telegrammed my pals) and even deleted some channels that had our best stuff in. Because they knew the jig was up, they renamed my account and replaced the profile images and bio. They threatened people in my discord.
Turns out my discord account is grandfathered into cheap nitro prices, and a discord account like that is worth $600 USD on the black market
The program I was sent and ran basically injects some script into the discord app, quickly changing your email to an attacker's email address, and then they use the forget password system to bypass 2FA.
They also steal the password vaults from your browsers and windows (inc wifi passwords), take screenshots of your monitors and send it all to a server running in the cloud, along with pinging some discord server that they should check their mail.
I blew away my computer that night and reinstalled everything. It's going fine now :)
A whole lot of infursec friends are reverse engineering the app I ran and are filing lots of stuff to shut the scam down. It’s apparently a very amateur attack, weaponized and sold to kids who want to score money on the black market.
Turns out, only 4 antivirus packages available to the public could even detect it, and apparently Windows Defender is one of them, but my computer didn't pick this one up.
Everything for me is back to normal, for now. I had good backups of nearly everything I needed, just some save games and peripheral configuration lost.
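Added example, not part of the original journal and not code from anyone mentioned in it: a check to run after an incident like this one, to see whether a Discord desktop client's loader file has been altered. It assumes the injected script lands in the `discord_desktop_core/index.js` stub (the journal does not say where it went) and that an untouched stub holds only the single `require` line; the function names and the sample directory layout are constructed for illustration.

```python
import os
import re
import tempfile
from pathlib import Path

# Assumption: an untouched loader stub holds only this one statement.
EXPECTED_STUB = "module.exports = require('./core.asar');"
CLIENT_DIRS = ("Discord", "DiscordPTB", "DiscordCanary")

def normalize(js: str) -> str:
    """Ignore BOM, whitespace and quote style when comparing."""
    return re.sub(r"\s+", "", js.lstrip("\ufeff")).replace('"', "'")

def scan(root: Path) -> list:
    """Report every discord_desktop_core/index.js found under root."""
    reports = []
    for path in sorted(root.rglob("index.js")):
        if path.parent.name != "discord_desktop_core":
            continue
        text = path.read_text(encoding="utf-8", errors="replace")
        reports.append({"path": path, "bytes": len(text.encode("utf-8")),
                        "clean": normalize(text) == normalize(EXPECTED_STUB)})
    return reports

def build_sample_tree(root: Path) -> None:
    """Constructed sample data: one untouched client, one altered client."""
    samples = {
        "Discord": EXPECTED_STUB + "\n",
        # Constructed stand-in for an altered file; not real malware code.
        "DiscordPTB": "/* extra code would sit here */\n" + EXPECTED_STUB,
    }
    for client, content in samples.items():
        core = (root / client / "app-0.0.0" / "modules"
                / "discord_desktop_core-1" / "discord_desktop_core")
        core.mkdir(parents=True)
        (core / "index.js").write_text(content, encoding="utf-8")

if __name__ == "__main__":
    base = os.environ.get("LOCALAPPDATA")  # Windows per-user install location
    if base:
        roots = [Path(base) / d for d in CLIENT_DIRS]
    else:  # no Windows profile here: fall back to the constructed sample
        sample = Path(tempfile.mkdtemp())
        build_sample_tree(sample)
        roots = [sample]
    for root in roots:
        for r in scan(root) if root.is_dir() else []:
            print("OK      " if r["clean"] else "ALTERED ", r["bytes"], r["path"])
```

An ALTERED result only means the file differs from the expected stub; a client update or a legitimate mod can also change it, so treat it as a prompt to reinstall the client and rotate credentials rather than as proof of compromise.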