WARNING: Ongoing Discord phishing

If it's not ZDoom, it goes here.
User avatar
Pandut
Posts: 218
Joined: Tue Mar 23, 2010 4:47 pm
Operating System: Windows 10/8.1/8/201x 64-bit
OS Test Version: No (Using Stable Public Version)
Graphics Processor: nVidia with Vulkan support
Location: existential dread

WARNING: Ongoing Discord phishing

Post by Pandut »

There's an extremely organized mass-scale phishing attack occurring on discord atm. It started on Labor Day (Sep 6th) but it appears there have been smaller attacks happening all the way back to June. The attackers are specifically targeting the game dev community, in order to get people to download and run their "game". From what I understand, this "game" is a keylogger and some sort of crypto miner that as of right now cannot be recognized by anti-viruses. The only way to remove it is via a full system wipe. This malware will steal your Discord info and also harvest any login information/cookies saved to your browser.

Information is scattered right now, but the best I could make sense of it was this twitter post -- https://twitter.com/PhleBuster/status/1 ... 5267188741

Social engineering is playing a massive role in this which looks like its the only means of infection. These people will take control of an account, pretend to be that person and try to pass their "game" along to as many people as possible.

Please be careful, everyone! If someone you know has been compromised, block them immediately, do not click on any links or download any files they give you. I know we were all taught about this classic phishing scheme when we were younger, but it looks like the scheme has gotten so old and dated that it actually works again.
Last edited by Pandut on Tue Sep 21, 2021 12:41 am, edited 1 time in total.
User avatar
Rachael
Admin
Posts: 12878
Joined: Tue Jan 13, 2004 1:31 pm
Discord: Rachael#3767
Twitch ID: madamerachelle
Github ID: madame-rachelle

Re: WARNING: Large-scale Discord phishing attack

Post by Rachael »

Not that I am trying to downplay the seriousness of the threat - but there are constantly Discord attacks occurring on a large scale. And the alarm is sounded so often on it that it really becomes a situation of the boy who cried wolf.

Unfortunately, this epidemic of attacks is something that will have to be addressed by Discord themselves, directly, by making login tokens harder to steal, and also if they are stolen, to verify their point of origin similar to what most other online services do already, and invalidate the token when geographic characteristics of a person change too much.

If you posted about every single phishing attack campaign targeting Discord users on this forum though - this forum would be nothing but. It reminds me of the earlier days of Windows when it first started maturing into a full operating system - around the time of the 95/NT days and several years after that - malware attacks happening so often it was all you ever saw when Tech was discussed on the news. Well - guess what - a lot of people used Windows, still do, a lot of people use Discord, so Discord Windows users are a ripe target. Funny how so little has changed in a whole nearly 3 decades.

So the basic rules of internet security applies, as always - don't download or run programs you don't trust, and always be vigilant of others acting suspicious, and don't accept anything from them when they do. If they do send you something out of the blue, engage them in a conversation and try and pick up their pattern of behavior - try and get a feel for if it really is them. If in doubt, use a security feature in Windows such as the Windows Sandbox to test the program, and do not run it on your actual machine.

Remember - anyone can be hacked - even the most paranoid and vigilant person out there - so be careful who you trust and always pay attention to how they act so that you know when something is amiss. It's not that you can't trust anyone - it's more that you have to be sure the person talking to you really is who you think they are and do trust.
User avatar
Matt
Posts: 9664
Joined: Sun Jan 04, 2004 5:37 pm
Location: Gotham City SAR, Wyld-Lands of the Lotus People, Dominionist PetroConfederacy of Saudi Canadia

Re: WARNING: Ongoing Discord phishing

Post by Matt »

Thanks for the response, Rachael... these dire but example-less warnings I've been seeing going viral(!) lately have been causing a lot of FUD without providing any really actionable information. I thought I was somehow missing something new and game-changing this time but apparently that's not the case. (that Twitter thread itself contains nothing usable and links to another Twitter thread I can't even see!)
User avatar
Rachael
Admin
Posts: 12878
Joined: Tue Jan 13, 2004 1:31 pm
Discord: Rachael#3767
Twitch ID: madamerachelle
Github ID: madame-rachelle

Re: WARNING: Ongoing Discord phishing

Post by Rachael »

Yes. A year or two ago it became a situation where pretty much every week there seemed to be a new phishing attack. Well ... if you warn people too often, they stop listening to warnings. 200 warnings is not going to get people to take the steps to secure their system any better than 3. In fact, it often has the reverse effect.

So a better course of action is to simply hold firm to basic security principles, and hope that people will follow. But failing that - you deal with each situation as it comes, rather than to try and preempt it with FUD.
User avatar
nova++
Posts: 177
Joined: Sat Sep 04, 2021 3:13 am
Operating System: Other Linux 64-bit

Re: WARNING: Ongoing Discord phishing

Post by nova++ »

Sounds easily preventable with a reasonable dose of common sense...?

Good thing I'm too much of a mess of nerves to be in any discord servers where anyone would try to push this on me.

...

😢
User avatar
Graf Zahl
Lead GZDoom+Raze Developer
Lead GZDoom+Raze Developer
Posts: 47972
Joined: Sat Jul 19, 2003 10:19 am
Location: Germany

Re: WARNING: Ongoing Discord phishing

Post by Graf Zahl »

nova++ wrote:Sounds easily preventable with a reasonable dose of common sense...?
Which is a proven fact that many people do not have that.
Some people are so utterly clueless they'd fall for anything that tries to con them out of their money or their private passwords or whatever else the perpetrator wants.
User avatar
nova++
Posts: 177
Joined: Sat Sep 04, 2021 3:13 am
Operating System: Other Linux 64-bit

Re: WARNING: Ongoing Discord phishing

Post by nova++ »

Yeah I was waffling on whether I should have phrased it as "(un)common sense" :P

I do know a friend of a friend got hit by this so I shouldn't be toooo harsh

...But also - I know a nigerian prince who would like your discord account details...
User avatar
Rachael
Admin
Posts: 12878
Joined: Tue Jan 13, 2004 1:31 pm
Discord: Rachael#3767
Twitch ID: madamerachelle
Github ID: madame-rachelle

Re: WARNING: Ongoing Discord phishing

Post by Rachael »

Graf Zahl wrote: Which is a proven fact that many people do not have that.
Some people are so utterly clueless they'd fall for anything that tries to con them out of their money or their private passwords or whatever else the perpetrator wants.
Which is the biggest and most widespread vulnerability in any system. People.

With enough charm, guile, and wit, almost anything is possible. Don't believe me?

I've been pushing for this to be required viewing in any basic computing as well as any internet or physical security course. Yes - it really is that easy.

User avatar
Enjay
 
 
Posts: 26402
Joined: Tue Jul 15, 2003 4:58 pm
Location: Scotland

Re: WARNING: Ongoing Discord phishing

Post by Enjay »

Yup, that's a very good video.

I've got a couple of friends who work in cyber security and they do quite a bit of pen testing. Often within minutes they are in to the systems of some organisations where getting in really, really shouldn't be as easy as that (including once their own head office :lol: ). Usually the weak spot is indeed the people. Like ridiculously and blatantly so - when you hear the stories you think "nah, no way that worked" but it does. It always does.
User avatar
wildweasel
Moderator Team Lead
Posts: 21368
Joined: Tue Jul 15, 2003 7:33 pm

Re: WARNING: Ongoing Discord phishing

Post by wildweasel »

I've seen enough people almost get fooled by this that I think it's worth spreading the knowledge. Some folks could use the reminder, in any case.

Not that I expect I'll get fooled by this myself (my default response to "can you test this game for me" is "maybe later", followed by my forgetting about it entirely), but if anybody claiming to be me wants you to test a game that "I've" made, that's a flat out lie. I haven't worked on any games or anything of consequence since 2018. :?
User avatar
Redneckerz
Spotlight Team
Posts: 970
Joined: Mon Nov 25, 2019 8:54 am
Discord: Redneckerz#8399
Operating System: Windows 10/8.1/8/201x 64-bit
Graphics Processor: Intel (Modern GZDoom)

Re: WARNING: Ongoing Discord phishing

Post by Redneckerz »

wildweasel wrote:I haven't worked on any games or anything of consequence since 2018. :?
Imagine how surprised and excited people would be if the great WildWeasel was working on a new game! :surprise: :surprise: :surprise:
User avatar
leileilol
Posts: 4427
Joined: Sun May 30, 2004 10:16 am
Location: GNU/Hell

Re: WARNING: Ongoing Discord phishing

Post by leileilol »

When in doubt, don't forget to use your personal copy protection: in-jokes
yum13241
Posts: 225
Joined: Mon May 10, 2021 8:08 pm
Discord: yum13241#8226
Github ID: yum13241
Operating System: Other Linux 64-bit
OS Test Version: No (Using Stable Public Version)
Graphics Processor: Intel (Modern GZDoom)

Re: WARNING: Ongoing Discord phishing

Post by yum13241 »

like at this rate, tech education should be mandatory cuz i could literally take Hydra.exe, rename it to hydrasonicgame.exe, and people would fall for it. (not like i would do this here, just saying, im not risking a ban).

Return to “Off-Topic”