{"id":86910,"date":"2025-01-28T23:53:36","date_gmt":"2025-01-28T23:53:36","guid":{"rendered":"https:\/\/dejan.au\/index.php\/2025\/01\/28\/how-to-check-if-new-discord-malware-is-stealing-your-info-dexerto\/"},"modified":"2025-01-28T23:53:36","modified_gmt":"2025-01-28T23:53:36","slug":"how-to-check-if-new-discord-malware-is-stealing-your-info-dexerto","status":"publish","type":"post","link":"https:\/\/dejan.au\/index.php\/2025\/01\/28\/how-to-check-if-new-discord-malware-is-stealing-your-info-dexerto\/","title":{"rendered":"How to check if new Discord malware is stealing your info &#8211; Dexerto"},"content":{"rendered":"<p>How to check if new Discord malware is stealing your info Popular voice and text chat app Discord is reportedly being targeted by a malware through the Windows application for the service \u2013 potentially endangering users\u2019 information. First reported by BleepingComputer, since the Windows Discord app is mostly reliant on CSS, HTML, and JavaScript, the malware is able to infiltrate and modify base lines of code that can cause the program to compromise data. The malicious program is reportedly called \u201cSpidey Bot\u201d or \u201cBlueFace,\u201d and was discovered by the MalwareHunterTeam. While there\u2019s uncertainty of when the malware first appeared, its been known to steal date including first 50 characters of Windows clipboard, local IP address, Discord user token, and more. Check if Discord was infected by malware Luckily, there\u2019s an easy way to check if the malware was able to creep onto your Windows Discord app since the targeted files should only have one line of code in them. To check if your version of Discord has been infected with the malware, open up %AppData%Discord[version]modulesdiscord_modulesindex.js in Notepad2. If the file only reads one line of code that says \u201cmodule.exports = require(\u2018.\/discord_modules.node\u2019);\u201d then that hasn\u2019t been compromised by the malware. After that, do the same with the file called %AppData%Discord[version]modulesdiscord_desktop_coreindex.js, which should again only contain one line saying: \u201cmodule.exports = require(\u2018.\/core.asar\u2019);\u201d However, if you run the check and find multiple lines of code, then those shouldn\u2019t be there and it\u2019s probably been infected. After identifying it, you should uninstall Discord from the computer and reinstall it, then run the check again, just in case. How can a Discord user get the malware? The backdoor program can be dangerous especially if left unchecked, but it looks like it has to be let in in order to do its damage. Unfortunately, there&#8217;s not much any app can do to prevent something like this. However, you should always be cautious about clicking strange links and even more suspicious of downloading unknown software from unverified sources. Doing so could lead to things like this. \u2014 Discord (@discordapp) October 24, 2019 Discord users should steer clear from messages from unfamiliar usernames, or those random links thrown in a server unless you know they\u2019re safe or come from a trusted source. \u201cUnfortunately, there\u2019s not much any app can do to prevent something like this,\u201d Discord said in regards to the malware. \u201cHowever, you should always be cautious about clicking strange links and even more suspicious of downloading unknown software from unverified sources. Doing so could lead to things like this.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"<p>How to check if new Discord malware is stealing your info Popular voice and text chat app Discord is reportedly being targeted by a malware through the Windows application for the service \u2013 potentially endangering users\u2019 information. First reported by BleepingComputer, since the Windows Discord app is mostly reliant on CSS, HTML, and JavaScript, the [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-86910","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/dejan.au\/index.php\/wp-json\/wp\/v2\/posts\/86910","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dejan.au\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dejan.au\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dejan.au\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/dejan.au\/index.php\/wp-json\/wp\/v2\/comments?post=86910"}],"version-history":[{"count":0,"href":"https:\/\/dejan.au\/index.php\/wp-json\/wp\/v2\/posts\/86910\/revisions"}],"wp:attachment":[{"href":"https:\/\/dejan.au\/index.php\/wp-json\/wp\/v2\/media?parent=86910"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dejan.au\/index.php\/wp-json\/wp\/v2\/categories?post=86910"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dejan.au\/index.php\/wp-json\/wp\/v2\/tags?post=86910"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}