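Although Rdimo, the author of the open-source GitHub projects, clearly states on his profile page that "the projects are for learning purposes only", these attacks targeting Discord show that such open-source projects, while convenient for learners, also give attackers ready-to-use weapons. As of publication, at least 4 of Rdimo's projects are still active, including an updated version of Hazard-Token-Grabber, the attack code used in the first and third attacks: Haza...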
Grabber.target.Add(folderPath + "\\discordptb");
Grabber.target.Add(folderPath + "\\Opera Software\\Opera Stable");
Grabber.target.Add(folderPath2 + "\\Google\\Chrome\\User Data\\Default");
Grabber.target.Add(folderPath2 + "\\BraveSoftware\\Brave-Browser\\User Data\\Default");
Grab...
discord-selfbot-v14 | 12.0.3 | Discord token grabber | Typosquatting/Trojan (discord.js)
discord-lofy | 11.5.1 | Discord token grabber | Typosquatting/Trojan (discord.js)
discordsystem | 11.5.1 | Discord token grabber | Typosquatting/Trojan (discord.js)
discord-vilao | 1.0.0 | Discord token grabber | Typosquatting/Trojan (discord.js)
...
MITRE ATT&CK:
ID | Tactic | Technique
T1078 | Valid Accounts | It uses valid account to access email
T1107 | File Deletion | Self delete
T1204 | User Execution | User interaction
T1268 | Conduct social engineering | Uses social eng to install payload
T1489