![]() ![]() This is how the bot creates the RAT'd executable, linked with the webhook the user made. ![]() Hey Discord, if you see this, your boy is for hire :) adding filters and detections for scam messages Recently, this virus was sent to 3 of my friends and people I know for a while now, as well as an attempt towards me but I exposed that guy and confronted him LOL, one of my friends ( u/GewoonIraj ) gave me the infected Discord files and I successfully reversed/de-obfuscated the RAT and broke down how it works here, you can read the article there if you are interested in how this RAT works technically.Īt the end, I wish Discord starts taking serious actions toward such attacks, there many ways to defeat this, especially since that they use DISCORD for their services, the current server Bby Stealer uses is only 3 days old, Discord can add something like: The plan here is to get a user to run the virus, a webhook sends all info about them which includes: email - password - payment methods - IP - badges, and so on and also includes “HQ Friends”, this is the key behind this RAT's success, it helps the hackers targeting friends of their victims, obviously this is used to do illegal purchases and sell Discord accounts with rare badges. ![]() ![]() exe setup file with a Discord webhook you made and your id on their service servers. Bby Stealer is a service sold for 35$ per lifetime license, (they even let you try it for free for a small duration of time like a free trial), the bot in their Discord server generates an. This virus is called “Bby Stealer”, it’s a RAT designed to grab all possible Discord info as well infecting the Discord client to continue the execution (I will explain this part later). Starting off what is this scam? What is it called and how does it work? If you are a Discord user who spends a lot of time on it on a daily basis, then you have possibly come across the new Discord scam “Can you try a game I made?”, in this thread I will try to explain the result of me and u/GewoonIraj’s research on this. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |