Your IP: Unknown · Your Status: ProtectedUnprotectedUnknown
Blog In Depth

Discord malware: what is it and how to remove it?

Worried about leaking your sensitive data while you're gaming? Discord malware could be exposing your data without you realizing. Learn more about the discord malware virus and its many forms.

Paulius Ilevičius

Paulius Ilevičius

Jun 09, 2021 · 3 min read

Discord malware: what is it and how to remove it?

What is the Discord Virus?

Discord Virus is the collective term given to the malware programs found on the Discord app. Cybercriminals use various techniques to trick Discord users into installing the Discord virus, or Discord malware, onto their device with devastating effects.

The most common type of malware in Discord is the Remote Access Trojan (RAT). Hackers usually distribute them via malicious links. When RATs are injected into your device, they gain administrative rights and can track your actions, steal data and manipulate your device. They can also install additional malware or make your computer part of abotnet for further virus dissemination.

Discord as stolen data storage

Webhooks allow third parties to send messages to a Discord channel. Hackers can use them to create URLs to send messages. Webhooks are a popular method to withdraw data from a hacked user device. A hacker can sync webhooks with a corrupted system and extract the stolen data via Discord.

How the Discord Virus can infect you

There are different forms of Discord malware, and each has its own way of spreading and infecting your devices.

1. Corrupted Discord installation file

Users can modify their Discord Javascript files. If a cybercriminal gains user permission, they can add malicious code to Discord's client files. Once users launch the file, they also execute the code. The hacker can then access the user's Discord data.

This attack is particularly difficult to detect. Antivirus software will probably not recognize the corrupt code. However, if Discord detects that someone modified the files while it's updating, it warns the user and asks whether to continue to run the client. You can also check files manually for suspicious additions. You can find lots of info online on what to look for.

Spidey Bot is one of the most common type of corrupted Discord file. One way to check whether you have it is by opening the %AppData%\Discord\[version]\modules\discord_modules\index.js and %AppData%\Discord\[version]\modules\discord_desktop_core\index.js folders and checking how many lines of code they have. If there is more than one line, then the files have been compromised. At this point, however, the only remedy is to reinstall Discord and secure your Discord account or device.

Only download Discord from official sources or websites. This will minimize the possibility of getting a copy of Discord with malicious code.

2. Through Discord itself

As with most social apps, Discord can also be a source for malware. Even though the filtering of malicious files and warning users if they encounter one, improve Discord security, the platform does not recognize all of them – especially new ones.

Users may also upload a file to Discord and then use its link to share it externally. Even users with no Discord account can download it. Moreover, even if someone deletes the file from Discord or removed their account, the platform still stores it in its content delivery network. So no one can trace the original uploader of file with just a Discord download URL.

You can also encounter more typical social engineering techniques here such as phishing links via direct messages, bait-and-switch ads, etc. Mitigate these risks as follows:

  • Do not open links from sources you don't know or trust;
  • Immediately scan your system and reinstall Discord if you notice something suspicious.
  • Always have your antivirus software updated;
  • Use NordVPN; Its Threat Protection feature helps block malware-loaded pop-up ads, third-party trackers, and phishing sites. In many cases it can even replace your usual antivirus software — Threat Protection also scans your downloaded files. If it detects malware in the file, it deletes it

    Online security starts with a click.

    Stay safe with the world’s leading VPN