General

How to check if new Discord malware is stealing your info

Alan Bernal

Popular voice and text chat app Discord is reportedly being targeted by a malware through the Windows application for the service – potentially endangering users’ information.

[ad name=”article1″]

First reported by BleepingComputer, since the Windows Discord app is mostly reliant on CSS, HTML, and JavaScript, the malware is able to infiltrate and modify base lines of code that can cause the program to compromise data.

The malicious program is reportedly called “Spidey Bot” or “BlueFace,” and was discovered by the MalwareHunterTeam. While there’s uncertainty of when the malware first appeared, its been known to steal date including first 50 characters of Windows clipboard, local IP address, Discord user token, and more.

[ad name=”article2″]

Check if Discord was infected by malware

Luckily, there’s an easy way to check if the malware was able to creep onto your Windows Discord app since the targeted files should only have one line of code in them.

To check if your version of Discord has been infected with the malware, open up %AppData%\Discord\[version]\modules\discord_modules\index.js in Notepad2.

If the file only reads one line of code that says “module.exports = require(‘./discord_modules.node’);” then that hasn’t been compromised by the malware.

Courtesy of BleepingComputerWhat the program should look like after running the code in Notepad2.
[ad name=”article3″]

After that, do the same with the file called %AppData%\Discord\[version]\modules\discord_desktop_core\index.js, which should again only contain one line saying: “module.exports = require(‘./core.asar’);”

However, if you run the check and find multiple lines of code, then those shouldn’t be there and it’s probably been infected.

Courtesy of BleepingComputerWhat the files definitely shouldn’t look like.
[ad name=”article4″]

After identifying it, you should uninstall Discord from the computer and reinstall it, then run the check again, just in case.

How can a Discord user get the malware?

The backdoor program can be dangerous especially if left unchecked, but it looks like it has to be let in in order to do its damage.

[ad name=”article5″]

Discord users should steer clear from messages from unfamiliar usernames, or those random links thrown in a server unless you know they’re safe or come from a trusted source.

“Unfortunately, there’s not much any app can do to prevent something like this,” Discord said in regards to the malware. “However, you should always be cautious about clicking strange links and even more suspicious of downloading unknown software from unverified sources. Doing so could lead to things like this.”

About The Author

Alan Bernal

Alan is a former staff writer for Dexerto based in Southern California who covered esports, internet culture, and the broader games/streaming industry. He is a CSUF Alum with a B.A. in Journalism. He's reported on sports medicine, emerging technology, and local community issues. Got a tip or want to talk?

keep reading
parker chloe stott
General
Husband of pregnant woman killed in car crash dies in hospital: Parker Stott and Chloe Stott
Calum Patterson
General
Retailers last shipping dates for Christmas: Walmart, Best Buy, more
Tristan Stringer
Gaming
Top Black Friday deals on toys for kids
Ash Singh
cover art featuring the ice wizard in Clash Royale
Gaming
Clash Royale Chest Cycle: How to get Royal Wild Chests and Overflow Gold Crates
Titas Khan
Sign up to Dexerto for free and receive:
Fewer Ads|Dark Mode|Deals in Gaming, TV and Movies, and Tech