WARNING: Ongoing Discord phishing

If it's not ZDoom, it goes here.

WARNING: Ongoing Discord phishing

Postby Pandut » Mon Sep 20, 2021 11:26 pm

There's an extremely organized mass-scale phishing attack occurring on discord atm. It started on Labor Day (Sep 6th) but it appears there have been smaller attacks happening all the way back to June. The attackers are specifically targeting the game dev community, in order to get people to download and run their "game". From what I understand, this "game" is a keylogger and some sort of crypto miner that as of right now cannot be recognized by anti-viruses. The only way to remove it is via a full system wipe. This malware will steal your Discord info and also harvest any login information/cookies saved to your browser.

Information is scattered right now, but the best I could make sense of it was this twitter post -- https://twitter.com/PhleBuster/status/1 ... 5267188741

Social engineering is playing a massive role in this which looks like its the only means of infection. These people will take control of an account, pretend to be that person and try to pass their "game" along to as many people as possible.

Please be careful, everyone! If someone you know has been compromised, block them immediately, do not click on any links or download any files they give you. I know we were all taught about this classic phishing scheme when we were younger, but it looks like the scheme has gotten so old and dated that it actually works again.
Last edited by Pandut on Tue Sep 21, 2021 12:41 am, edited 1 time in total.
User avatar
Pandut
help
 
Joined: 23 Mar 2010
Location: existential dread
Operating System: Windows 10/8.1/8/201x 64-bit
OS Test Version: No (Using Stable Public Version)
Graphics Processor: nVidia with Vulkan support

Re: WARNING: Large-scale Discord phishing attack

Postby Rachael » Mon Sep 20, 2021 11:36 pm

Not that I am trying to downplay the seriousness of the threat - but there are constantly Discord attacks occurring on a large scale. And the alarm is sounded so often on it that it really becomes a situation of the boy who cried wolf.

Unfortunately, this epidemic of attacks is something that will have to be addressed by Discord themselves, directly, by making login tokens harder to steal, and also if they are stolen, to verify their point of origin similar to what most other online services do already, and invalidate the token when geographic characteristics of a person change too much.

If you posted about every single phishing attack campaign targeting Discord users on this forum though - this forum would be nothing but. It reminds me of the earlier days of Windows when it first started maturing into a full operating system - around the time of the 95/NT days and several years after that - malware attacks happening so often it was all you ever saw when Tech was discussed on the news. Well - guess what - a lot of people used Windows, still do, a lot of people use Discord, so Discord Windows users are a ripe target. Funny how so little has changed in a whole nearly 3 decades.

So the basic rules of internet security applies, as always - don't download or run programs you don't trust, and always be vigilant of others acting suspicious, and don't accept anything from them when they do. If they do send you something out of the blue, engage them in a conversation and try and pick up their pattern of behavior - try and get a feel for if it really is them. If in doubt, use a security feature in Windows such as the Windows Sandbox to test the program, and do not run it on your actual machine.

Remember - anyone can be hacked - even the most paranoid and vigilant person out there - so be careful who you trust and always pay attention to how they act so that you know when something is amiss. It's not that you can't trust anyone - it's more that you have to be sure the person talking to you really is who you think they are and do trust.
User avatar
Rachael
Admin
 
Joined: 13 Jan 2004
Discord: Rachael#3767
Twitch ID: madamerachelle
Github ID: madame-rachelle
Operating System: Windows 10/8.1/8/201x 64-bit
OS Test Version: No (Using Stable Public Version)
Graphics Processor: nVidia with Vulkan support

Re: WARNING: Ongoing Discord phishing

Postby Matt » Tue Sep 21, 2021 1:08 pm

Thanks for the response, Rachael... these dire but example-less warnings I've been seeing going viral(!) lately have been causing a lot of FUD without providing any really actionable information. I thought I was somehow missing something new and game-changing this time but apparently that's not the case. (that Twitter thread itself contains nothing usable and links to another Twitter thread I can't even see!)
User avatar
Matt
Putting the XD into *xdeath since 2007
 
Joined: 04 Jan 2004
Location: Gotham City SAR, Wyld-Lands of the Lotus People, Dominionist PetroConfederacy of Saudi Canadia

Re: WARNING: Ongoing Discord phishing

Postby Rachael » Tue Sep 21, 2021 1:37 pm

Yes. A year or two ago it became a situation where pretty much every week there seemed to be a new phishing attack. Well ... if you warn people too often, they stop listening to warnings. 200 warnings is not going to get people to take the steps to secure their system any better than 3. In fact, it often has the reverse effect.

So a better course of action is to simply hold firm to basic security principles, and hope that people will follow. But failing that - you deal with each situation as it comes, rather than to try and preempt it with FUD.
User avatar
Rachael
Admin
 
Joined: 13 Jan 2004
Discord: Rachael#3767
Twitch ID: madamerachelle
Github ID: madame-rachelle
Operating System: Windows 10/8.1/8/201x 64-bit
OS Test Version: No (Using Stable Public Version)
Graphics Processor: nVidia with Vulkan support

Re: WARNING: Ongoing Discord phishing

Postby nova++ » Tue Sep 21, 2021 2:02 pm

Sounds easily preventable with a reasonable dose of common sense...?

Good thing I'm too much of a mess of nerves to be in any discord servers where anyone would try to push this on me.

...

😢
User avatar
nova++
Real life space alien (not fake)
 
Joined: 04 Sep 2021
Discord: PM me!
Operating System: Debian-like Linux (Debian, Ubuntu, Mint, etc) 64-bit

Re: WARNING: Ongoing Discord phishing

Postby Graf Zahl » Tue Sep 21, 2021 3:04 pm

nova++ wrote:Sounds easily preventable with a reasonable dose of common sense...?


Which is a proven fact that many people do not have that.
Some people are so utterly clueless they'd fall for anything that tries to con them out of their money or their private passwords or whatever else the perpetrator wants.
User avatar
Graf Zahl
Lead GZDoom+Raze Developer
Lead GZDoom+Raze Developer
 
Joined: 19 Jul 2003
Location: Germany

Re: WARNING: Ongoing Discord phishing

Postby nova++ » Tue Sep 21, 2021 3:45 pm

Yeah I was waffling on whether I should have phrased it as "(un)common sense" :P

I do know a friend of a friend got hit by this so I shouldn't be toooo harsh

...But also - I know a nigerian prince who would like your discord account details...
User avatar
nova++
Real life space alien (not fake)
 
Joined: 04 Sep 2021
Discord: PM me!
Operating System: Debian-like Linux (Debian, Ubuntu, Mint, etc) 64-bit

Re: WARNING: Ongoing Discord phishing

Postby Rachael » Tue Sep 21, 2021 3:58 pm

Graf Zahl wrote:Which is a proven fact that many people do not have that.
Some people are so utterly clueless they'd fall for anything that tries to con them out of their money or their private passwords or whatever else the perpetrator wants.

Which is the biggest and most widespread vulnerability in any system. People.

With enough charm, guile, and wit, almost anything is possible. Don't believe me?

I've been pushing for this to be required viewing in any basic computing as well as any internet or physical security course. Yes - it really is that easy.

User avatar
Rachael
Admin
 
Joined: 13 Jan 2004
Discord: Rachael#3767
Twitch ID: madamerachelle
Github ID: madame-rachelle
Operating System: Windows 10/8.1/8/201x 64-bit
OS Test Version: No (Using Stable Public Version)
Graphics Processor: nVidia with Vulkan support

Re: WARNING: Ongoing Discord phishing

Postby Enjay » Tue Sep 21, 2021 4:10 pm

Yup, that's a very good video.

I've got a couple of friends who work in cyber security and they do quite a bit of pen testing. Often within minutes they are in to the systems of some organisations where getting in really, really shouldn't be as easy as that (including once their own head office :lol: ). Usually the weak spot is indeed the people. Like ridiculously and blatantly so - when you hear the stories you think "nah, no way that worked" but it does. It always does.
User avatar
Enjay
Everyone is a moon, and has a dark side which he never shows to anybody. Twain
 
 
 
Joined: 15 Jul 2003
Location: Scotland

Re: WARNING: Ongoing Discord phishing

Postby wildweasel » Tue Sep 21, 2021 5:42 pm

I've seen enough people almost get fooled by this that I think it's worth spreading the knowledge. Some folks could use the reminder, in any case.

Not that I expect I'll get fooled by this myself (my default response to "can you test this game for me" is "maybe later", followed by my forgetting about it entirely), but if anybody claiming to be me wants you to test a game that "I've" made, that's a flat out lie. I haven't worked on any games or anything of consequence since 2018. :?
User avatar
wildweasel
change o' pace.
Moderator Team Lead
 
Joined: 15 Jul 2003

Re: WARNING: Ongoing Discord phishing

Postby Redneckerz » Wed Sep 22, 2021 11:58 am

wildweasel wrote:I haven't worked on any games or anything of consequence since 2018. :?

Imagine how surprised and excited people would be if the great WildWeasel was working on a new game! :surprise: :surprise: :surprise:
User avatar
Redneckerz
To it's ports i may have seen
Spotlight Team
 
Joined: 25 Nov 2019
Discord: Redneckerz#8399
Operating System: Windows 10/8.1/8/201x 64-bit
Graphics Processor: Intel (Modern GZDoom)

Re: WARNING: Ongoing Discord phishing

Postby leileilol » Wed Sep 22, 2021 2:26 pm

When in doubt, don't forget to use your personal copy protection: in-jokes
User avatar
leileilol
フォニュエール!!!!!!!!!!
 
Joined: 30 May 2004
Location: GNU/Hell


Return to Off-Topic

Who is online

Users browsing this forum: Craneo and 1 guest