{"id":372932,"date":"2020-10-27T08:23:40","date_gmt":"2020-10-27T06:23:40","guid":{"rendered":"https:\/\/mybroadband.co.za\/news\/?p=372932"},"modified":"2020-10-27T08:25:30","modified_gmt":"2020-10-27T06:25:30","slug":"new-malware-hijacks-discord-to-hack-your-pc","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/security\/372932-new-malware-hijacks-discord-to-hack-your-pc.html","title":{"rendered":"New malware hijacks Discord to hack your PC"},"content":{"rendered":"<p>MalwareHunterTeam has discovered a remote access trojan (RAT) that uses Discord as its command and control server, <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/new-rat-malware-gets-commands-via-discord-has-ransomware-feature\/\" target=\"_blank\" rel=\"noopener noreferrer\"><strong>Bleeping Computer<\/strong><\/a>\u00a0reports.<\/p>\n<p>The malware, known as Abaddon, begins its work by stealing cookies, credit card details, log-in details, Discord tokens, and other important information &#8211; all of which are used to access the accounts of the victim.<\/p>\n<p>Once it has managed to do this, Abaddon uses Discord as its command and control server and lets the malicious party decide which commands to execute on the victim&#8217;s device.<\/p>\n<p>Possible commands the malicious party can execute include getting a list of the user&#8217;s drives, stealing files and other data, and opening a reverse shell &#8211; which allows the malicious party to execute more commands on the victim&#8217;s device.<\/p>\n<p>According to MalwareHunterTeam, Abaddon connects to its command and control Discord server continuously so that the malicious party can see if there are any new tasks it can execute.<\/p>\n<p>This means the infected device is continually monitored for new ways the malicious party can execute attacks or steal data.<\/p>\n<p>MalwareHunterTeam also believes that the group which created this malware is developing ransomware functionality that will allow 
malicious parties to encrypt the target computer.<\/p>\n<p>Code showing that this is being worked on can be found within the greater Abaddon code.<\/p>\n<h3 class=\"my-4\">The big ransomware problem<\/h3>\n<p>The ransomware component of the Abaddon malware is among the most concerning, as ransomware is a destructive and lucrative form of malware that can cost businesses lots of money.<\/p>\n<p>Because of this, ransomware has become increasingly prevalent recently, with the <a href=\"https:\/\/www.sophos.com\/en-us\/medialibrary\/Gated-Assets\/white-papers\/sophos-the-state-of-ransomware-2020-wp.pdf\" target=\"_blank\" rel=\"noopener noreferrer\"><strong>Sophos 2020 State of Ransomware Report<\/strong><\/a> claiming that over half of all organisations were hit by ransomware attacks in the past year.<\/p>\n<p>The report also explained that 73% of these attacks resulted in the successful encryption of organisation data, while many ransomware attacks are supplementing this encryption with data theft.<\/p>\n<p>\u201cIf the victim refuses to pay the ransom for decryption (because, say, the data was recovered from a backup copy), the attackers threaten to put the stolen confidential information in the public domain.\u201d<\/p>\n<p>While many of these threats turn out to be fake, some ransomware programs have actually followed through.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>MalwareHunterTeam has discovered a remote access trojan (RAT) that uses Discord as its command and control 
server.<\/p>\n","protected":false},"author":341039,"featured_media":269675,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[27],"tags":[67360,50307,67362,30150],"class_list":["post-372932","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-abaddon","tag-discord","tag-malwarehunterteam","tag-ransomware"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/372932"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/341039"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=372932"}],"version-history":[{"count":1,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/372932\/revisions"}],"predecessor-version":[{"id":372948,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/372932\/revisions\/372948"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/269675"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=372932"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=372932"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=372932"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}