Hackers infected Top.gg's Discord bots with malware to steal your data

Hackers targeted the Top.gg community and infected bots with malware


Hackers targeted Top.gg, a Discord community with over 170,000 members. If you use Discord, you may already know the group, which shares bots for gaming, music, giveaways, management, and more. That reach is why attackers looked to abuse Discord bots to spread their malware and gain control over personal information from other groups.

In addition, the community promotes Discord servers and acts as a store for bots. The platform also enhances gaming experiences, provides moderation tools, and offers fun features for other gaming communities.

How did threat actors target the Discord Community?

To target Discord communities, threat actors used a supply chain attack. This method allowed them to sneak malware into the platform, affecting developers and other members. Those responsible have used various tactics in the past, such as stealing GitHub accounts, distributing malicious Python packages through PyPI, using fake Python infrastructure, and social engineering. Their main goal is to spread malware-laden Discord bots to steal data and sell it for money.

According to BleepingComputer, the cybercriminals started targeting the Discord community in 2022. At first, they uploaded malicious packages to PyPI that resembled open-source tools. The packages seemed legitimate but contained malware.

As a result, some developers were infected and had their accounts hijacked. Afterward, the hackers altered the developers' project files to spread the malware to other Discord bots. On top of that, they used fake dependencies to redirect users to the attackers' fake mirror. A fake mirror is a website or server that looks legitimate in order to trick you into downloading malware or sharing personal information.

Ultimately, attackers target important Discord communities like Top.gg because other groups use their bots and tools, which gives them a channel to spread malware and to steal and sell data. To defend against such attacks, review your code, check updates, scrutinize sources, and use code signing and multi-factor authentication. If you are a Discord server owner, also consider verifying a bot's reviews, ratings, and permissions.
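One way to "scrutinize sources" against the fake-mirror dependencies described above is to audit a project's requirements file for anything fetched from outside the official Python Package Index. The script below is an added example, not code from the article or from Top.gg; the sample file, its `.example` hosts and the function name `audit_requirements` are constructed for illustration.

```python
import re
from urllib.parse import urlparse

# Official PyPI hosts. Add your own internal mirror here if you run one.
TRUSTED_HOSTS = {"pypi.org", "files.pythonhosted.org"}

# Constructed sample requirements file (not taken from the incident).
SAMPLE_REQUIREMENTS = """\
# bot dependencies
discord.py==2.3.2
requests>=2.31
--extra-index-url https://pypi.mirror-cdn.example/simple
colorama @ https://files.pypi-mirror.example/packages/colorama-0.4.6.tar.gz
yarl @ https://files.pythonhosted.org/packages/yarl-1.9.4.tar.gz
git+https://git.example/someone/helper.git#egg=helper
"""

# pip treats '#' as a comment only at line start or after whitespace,
# so URL fragments such as '#egg=helper' are left intact.
COMMENT_RE = re.compile(r"(^|\s+)#.*$")
URL_RE = re.compile(r"[A-Za-z][A-Za-z0-9+.-]*://\S+")


def audit_requirements(text, trusted=TRUSTED_HOSTS):
    """Return (line_number, host, line) for every URL whose host is not trusted.

    Covers alternate indexes (--index-url / --extra-index-url), direct
    'name @ url' references and VCS installs. Hosts are compared exactly,
    so a lookalike such as 'files.pythonhosted.org.evil.example' is flagged.
    """
    findings = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = COMMENT_RE.sub("", raw).strip()
        if not line:
            continue
        for url in URL_RE.findall(line):
            host = (urlparse(url).hostname or "").lower()
            if host not in trusted:
                findings.append((lineno, host, line))
    return findings


if __name__ == "__main__":
    for lineno, host, line in audit_requirements(SAMPLE_REQUIREMENTS):
        print(f"line {lineno}: untrusted source {host!r}: {line}")
```

Run it in CI or a pre-commit hook so that a changed download source in a dependency file is reviewed before it is installed.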

What are your thoughts? How do you defend your community and work against cyber criminals? Let us know your practices in the comments.
