This fake Discord software could infect your PC | MalwareHunterTeam has discovered a new version of the AnarchyGrabber malware that modifies Discord client files to evade detection.

This fake Discord software could infect your PC

This fake Discord software could infect your PC

This fake Discord software could infect your PC

This fake Discord software could infect your PC

This fake Discord software could infect your PC

This fake Discord software could infect your PC
This fake Discord software could infect your PC
  • By:
  • Views 9

A new variant of the AnarchyGrabber malware has been discovered by MalwareHunterTeam which modifies Discord client files in order to evade detection and steal user accounts every time someone logs into the popular chat service.

The malware is distributed on hacking forums and in YouTube videos to allow cybercriminals to steal user tokens for a logged-in Discord user once it is executed. These user tokens are then uploaded back to a Discord channel under the attacker's control where they can be collected and used to log in as their victims.

The original version of AnarchyGrabber comes in the form of an executable that can easily be detected by security software and only has the ability to steal tokens while it is running.

However, a newer version of the malware has been altered to avoid detection and establish persistence on a user's machine.


In an effort to make it more difficult for antivirus software to detect the malware and to offer persistence, a hacker has updated AnarchyGrabber to modify the JavaScript files used by the Discord client to inject its code every time it runs.

The new version of the malware has been dubbed AnarchyGrabber2 and when executed, it will modify Discord's index.js file to inject JavaScript created by its developer.

The new changes to the malware allow it to run additional malicious JavaScript files every time a user opens Discord. Once a user who has the AnarchyGrabber2 running on their system logs into Discord, the scripts will use a webhook to post the victim's user token to the attacker's Discord channel along with the message “Brought to you by The Anarchy Token Grabber”.

Unfortunately, even if the original malware executable is deleted, the client files will already be modified. Security software has a hard time detecting these client modifications which allows the code to remain on a user's machine without them even knowing their accounts are being stolen.

Until Discord decides to add client integrity into its software, Discord accounts will continue to be at risk from AnarchyGrabber2 and other malware that modifies client files.

Via BleepingComputer

Ads Links by Easy Branches

Play online games for free at


Easy Branches Worldwide Network provide the possibility and allows You to contribute Your Guest Post on different websites and languages, pointed to any City or Country

Place Guest Post
Banner advertising on easybranches network boatshowchina TPE-Bangkok





Invitation to China VMF 2020
Coronavirus - South Africa: Doctors Without Borders (MSF) opens new COVID-19 Khayelitsha Field Hospital in partnership with the Department of Health
Rasha Kelej creates a song by singers from 11 African countries to support medical workers during Coronavirus battle
Luxury Super Yacht for Charter in Phuket for a Day You Never more will Forget
Asia-Pacific Boating and China Boating magazines
SEA Yachting is one of Southeast Asia’s leading leisure marine publications. SEA Yachting strives to keep people in the leisure marine industry throughout Southeast Asia up-to-date on technology, events, products and processes that have an impact on their
Agency Sign-up Fill in the form and our consultants will contact you as soon as possible in order to give you all the information you need to sale, rent Your real estate, property
immediate for delivery new exclusive hypercars, megacars and super sportcars so as luxury classic sports cars for sale and purchasing