New malware that targets Discord on Windows turns the client into a backdoor and Trojan

Anyone that uses Discord on Windows and is getting suspicious unprompted messages from users should make sure to not click on them in order to avoid the latest case of malware running amok. Make sure that your Discord install is up to date.

Called "Spidey Bot," the malware nests itself in modified JavaScript in the following locations on infected computers:

%AppData%\Discord[version]\modules\discord_modules\index.js %AppData%\Discord[version]\modules\discord_desktop_core\index.js

Discord user token Victim timezone Screen resolution Victim's local IP address Victim's public IP address via WebRTC User information such as username, email address, phone number, and more Whether they have stored payment information Zoom factor Browser user agent Discord version The first 50 characters of the victim's Windows clipboard

All of that information, especially the first 50 characters of a person's clipboard, definitely makes this a dangerous piece of malware. And after the information is sent to the attacker, a backdoor is implemented so the attacker can attempt to steal more data from the infected installation in the future.

As of a few hours before the publication of this story, Discord has not addressed the malware according to a tweet by the group that discovered it. So for now, make sure to only download applications you know and trust, as well as to not click on any unprompted messages with links.

Further coverage: BleepingComputer