• bitcoinBitcoin (BTC) $ 113,207.00
  • ethereumEthereum (ETH) $ 4,025.72
  • tetherTether (USDT) $ 1.00
  • xrpXRP (XRP) $ 2.63
  • bnbBNB (BNB) $ 1,119.99
  • solanaWrapped SOL (SOL) $ 195.22
  • usd-coinUSDC (USDC) $ 0.999850
  • staked-etherLido Staked Ether (STETH) $ 4,024.05
  • dogecoinDogecoin (DOGE) $ 0.194000
  • tronTRON (TRX) $ 0.297312
  • cardanoCardano (ADA) $ 0.645165
  • wrapped-stethWrapped stETH (WSTETH) $ 4,899.99
  • wrapped-bitcoinWrapped Bitcoin (WBTC) $ 112,903.00
  • wrapped-beacon-ethWrapped Beacon ETH (WBETH) $ 4,347.60
  • figure-helocFigure Heloc (FIGR_HELOC) $ 1.03
  • hyperliquidHyperliquid (HYPE) $ 47.49
  • chainlinkChainlink (LINK) $ 17.85
  • bitcoin-cashBitcoin Cash (BCH) $ 561.55
  • wrapped-eethWrapped eETH (WEETH) $ 4,344.54
  • stellarStellar (XLM) $ 0.318260
  • ethena-usdeEthena USDe (USDE) $ 0.999375
  • usdsUSDS (USDS) $ 1.00
  • suiSui (SUI) $ 2.50
  • binance-bridged-usdt-bnb-smart-chainBinance Bridged USDT (BNB Smart Chain) (BSC-USD) $ 1.00
  • wethWETH (WETH) $ 4,025.01
  • leo-tokenLEO Token (LEO) $ 9.64
  • avalanche-2Avalanche (AVAX) $ 19.53
  • hedera-hashgraphHedera (HBAR) $ 0.194298
  • coinbase-wrapped-btcCoinbase Wrapped BTC (CBBTC) $ 113,064.00
  • litecoinLitecoin (LTC) $ 97.27
  • usdt0USDT0 (USDT0) $ 1.00
  • moneroMonero (XMR) $ 344.21
  • whitebitWhiteBIT Coin (WBT) $ 42.65
  • shiba-inuShiba Inu (SHIB) $ 0.000010
  • the-open-networkToncoin (TON) $ 2.26
  • crypto-com-chainCronos (CRO) $ 0.149314
  • zcashZcash (ZEC) $ 318.34
  • ethena-staked-usdeEthena Staked USDe (SUSDE) $ 1.20
  • mantleMantle (MNT) $ 1.56
  • polkadotPolkadot (DOT) $ 3.07
  • daiDai (DAI) $ 0.999908
  • bittensorBittensor (TAO) $ 434.61
  • world-liberty-financialWorld Liberty Financial (WLFI) $ 0.144063
  • memecoreMemeCore (M) $ 2.26
  • uniswapUniswap (UNI) $ 6.35
  • aaveAave (AAVE) $ 229.32
  • susdssUSDS (SUSDS) $ 1.07
  • okbOKB (OKB) $ 163.75
  • ethenaEthena (ENA) $ 0.459938
  • bitget-tokenBitget Token (BGB) $ 4.70
  • usd1-wlfiUSD1 (USD1) $ 1.00
  • pepePepe (PEPE) $ 0.000007
  • nearNEAR Protocol (NEAR) $ 2.24
  • blackrock-usd-institutional-digital-liquidity-fundBlackRock USD Institutional Digital Liquidity Fund (BUIDL) $ 1.00
  • paypal-usdPayPal USD (PYUSD) $ 1.00
  • jito-staked-solJito Staked SOL (JITOSOL) $ 242.03
  • ethereum-classicEthereum Classic (ETC) $ 15.97
  • binance-peg-wethBinance-Peg WETH (WETH) $ 4,026.40
  • aptosAptos (APT) $ 3.34
  • ondo-financeOndo (ONDO) $ 0.733503
  • jupiter-perpetuals-liquidity-provider-tokenJupiter Perpetuals Liquidity Provider Token (JLP) $ 5.55
  • pi-networkPi Network (PI) $ 0.267862
  • aster-2Aster (ASTER) $ 1.08
  • falcon-financeFalcon USD (USDF) $ 0.998015
  • tether-goldTether Gold (XAUT) $ 3,978.65
  • polygon-ecosystem-tokenPOL (ex-MATIC) (POL) $ 0.194909
  • worldcoin-wldWorldcoin (WLD) $ 0.868727
  • usdtbUSDtb (USDTB) $ 1.00
  • rocket-pool-ethRocket Pool ETH (RETH) $ 4,615.52
  • gatechain-tokenGate (GT) $ 14.86
  • arbitrumArbitrum (ARB) $ 0.317250
  • kucoin-sharesKuCoin (KCS) $ 13.46
  • htx-daoHTX DAO (HTX) $ 0.000002
  • binance-staked-solBinance Staked SOL (BNSOL) $ 211.07
  • pump-funPump.fun (PUMP) $ 0.004829
  • kinetic-staked-hypeKinetiq Staked HYPE (KHYPE) $ 47.80
  • internet-computerInternet Computer (ICP) $ 3.06
  • hash-2Provenance Blockchain (HASH) $ 0.032845
  • story-2Story (IP) $ 5.01
  • algorandAlgorand (ALGO) $ 0.183465
  • kelp-dao-restaked-ethKelp DAO Restaked ETH (RSETH) $ 4,253.19
  • kaspaKaspa (KAS) $ 0.057623
  • official-trumpOfficial Trump (TRUMP) $ 7.75
  • stakewise-v3-osethStakeWise Staked ETH (OSETH) $ 4,249.01
  • cosmosCosmos Hub (ATOM) $ 3.12
  • liquid-staked-ethereumLiquid Staked ETH (LSETH) $ 4,326.56
  • vechainVeChain (VET) $ 0.016757
  • wbnbWrapped BNB (WBNB) $ 1,120.35
  • jupiter-exchange-solanaJupiter (JUP) $ 0.423650
  • skySky (SKY) $ 0.058284
  • lombard-staked-btcLombard Staked BTC (LBTC) $ 112,909.00
  • syrupusdcSyrup USDC (SYRUPUSDC) $ 1.13
  • pax-goldPAX Gold (PAXG) $ 3,983.03
  • bfusdBFUSD (BFUSD) $ 0.999876
  • pudgy-penguinsPudgy Penguins (PENGU) $ 0.020787
  • renzo-restaked-ethRenzo Restaked ETH (EZETH) $ 4,278.17
  • flare-networksFlare (FLR) $ 0.016664
  • syrupusdtsyrupUSDT (SYRUPUSDT) $ 1.10
  • render-tokenRender (RENDER) $ 2.42
  • sei-networkSei (SEI) $ 0.195593
  • binance-bridged-usdc-bnb-smart-chainBinance Bridged USDC (BNB Smart Chain) (USDC) $ 1.00
  • solv-btcSolv Protocol BTC (SOLVBTC) $ 112,644.00
  • nexoNEXO (NEXO) $ 1.13
  • bonkBonk (BONK) $ 0.000014
  • filecoinFilecoin (FIL) $ 1.57
  • xdce-crowd-saleXDC Network (XDC) $ 0.061280
  • morphoMorpho (MORPHO) $ 1.99
  • immutable-xImmutable (IMX) $ 0.519845
  • first-digital-usdFirst Digital USD (FDUSD) $ 0.997555
  • mantle-staked-etherMantle Staked Ether (METH) $ 4,334.95
  • jupiter-staked-solJupiter Staked SOL (JUPSOL) $ 224.01
  • global-dollarGlobal Dollar (USDG) $ 1.00
  • virtual-protocolVirtuals Protocol (VIRTUAL) $ 1.46
  • spx6900SPX6900 (SPX) $ 1.01
  • arbitrum-bridged-wbtc-arbitrum-oneArbitrum Bridged WBTC (Arbitrum One) (WBTC) $ 113,194.00
  • ripple-usdRipple USD (RLUSD) $ 1.00
  • aerodrome-financeAerodrome Finance (AERO) $ 0.988256
  • pancakeswap-tokenPancakeSwap (CAKE) $ 2.61
  • clbtcclBTC (CLBTC) $ 113,071.00
  • fasttokenFasttoken (FTN) $ 1.92
  • celestiaCelestia (TIA) $ 1.00
  • optimismOptimism (OP) $ 0.435917
  • injective-protocolInjective (INJ) $ 8.45
  • lido-daoLido DAO (LDO) $ 0.912994
  • hashnote-usycCircle USYC (USYC) $ 1.10
  • msolMarinade Staked SOL (MSOL) $ 261.09
  • blockstackStacks (STX) $ 0.442995
  • ousgOUSG (OUSG) $ 113.09
  • doublezeroDoubleZero (2Z) $ 0.225201
  • curve-dao-tokenCurve DAO (CRV) $ 0.533397
  • superstate-short-duration-us-government-securities-fund-ustbSuperstate Short Duration U.S. Government Securities Fund (USTB) (USTB) $ 10.87
  • ether-fi-liquid-ethEther.Fi Liquid ETH (LIQUIDETH) $ 4,270.06
  • l2-standard-bridged-weth-baseL2 Standard Bridged WETH (Base) (WETH) $ 4,023.16
  • chainopera-aiChainOpera AI (COAI) $ 3.46
  • flokiFLOKI (FLOKI) $ 0.000071
  • plasmaPlasma (XPL) $ 0.362464
  • usdx-money-usdxStables Labs USDX (USDX) $ 0.998489
  • ondo-us-dollar-yieldOndo US Dollar Yield (USDY) $ 1.09
  • fetch-aiArtificial Superintelligence Alliance (FET) $ 0.259278
  • tbtctBTC (TBTC) $ 112,894.00
  • the-graphThe Graph (GRT) $ 0.063235
  • pyth-networkPyth Network (PYTH) $ 0.112109
  • kaiaKaia (KAIA) $ 0.108320
  • tezosTezos (XTZ) $ 0.593495
  • arbitrum-bridged-weth-arbitrum-oneArbitrum Bridged WETH (Arbitrum One) (WETH) $ 4,024.78
  • stader-ethxStader ETHx (ETHX) $ 4,317.75
  • gtethGTETH (GTETH) $ 4,026.29
  • sonic-3Sonic (S) $ 0.161232
  • beldexBeldex (BDX) $ 0.079307
  • iotaIOTA (IOTA) $ 0.143990
  • usdaiUSDai (USDAI) $ 1.01
  • dashDash (DASH) $ 46.20
  • conflux-tokenConflux (CFX) $ 0.110050
  • bridged-usdc-polygon-pos-bridgePolygon Bridged USDC (Polygon PoS) (USDC.E) $ 0.999781
  • newton-projectAB (AB) $ 0.006605
  • polygon-pos-bridged-dai-polygon-posPolygon PoS Bridged DAI (Polygon POS) (DAI) $ 0.999891
  • coinbase-wrapped-staked-ethCoinbase Wrapped Staked ETH (CBETH) $ 4,427.78
  • pendlePendle (PENDLE) $ 3.24
  • usual-usdUsual USD (USD0) $ 0.998658
  • swethSwell Ethereum (SWETH) $ 4,440.77
  • ether-fiEther.fi (ETHFI) $ 0.951372
  • humanityHumanity (H) $ 0.290263
  • dogwifcoindogwifhat (WIF) $ 0.528147
  • theta-tokenTheta Network (THETA) $ 0.526972
  • trust-wallet-tokenTrust Wallet (TWT) $ 1.26
  • bitcoin-avalanche-bridged-btc-bAvalanche Bridged BTC (Avalanche) (BTC.B) $ 113,130.00
  • the-sandboxThe Sandbox (SAND) $ 0.211080
  • ethereum-name-serviceEthereum Name Service (ENS) $ 15.57
  • starknetStarknet (STRK) $ 0.119054
  • mantle-bridged-usdt-mantleMantle Bridged USDT (Mantle) (USDT) $ 0.999468
  • wrapped-hypeWrapped HYPE (WHYPE) $ 47.63
  • myx-financeMYX Finance (MYX) $ 2.63
  • galaGALA (GALA) $ 0.010815
  • binance-peg-dogecoinBinance-Peg Dogecoin (DOGE) $ 0.194240
  • jasmycoinJasmyCoin (JASMY) $ 0.010299
  • true-usdTrueUSD (TUSD) $ 0.998955
  • ether-fi-staked-ethether.fi Staked ETH (EETH) $ 4,018.80
  • bittorrentBitTorrent (BTT) $ 0.00000050
  • raydiumRaydium (RAY) $ 1.81
  • astherus-staked-bnbAster Staked BNB (ASBNB) $ 1,185.87
  • steakhouse-usdc-morpho-vaultSteakhouse USDC Morpho Vault (STEAKUSDC) $ 1.11
  • arbitrum-bridged-wrapped-eethArbitrum Bridged Wrapped eETH (Arbitrum) (WEETH) $ 4,340.21
  • heliumHelium (HNT) $ 2.44
  • vaultaVaulta (A) $ 0.284268
  • benqi-liquid-staked-avaxBENQI Liquid Staked AVAX (SAVAX) $ 24.05
  • swissborgSwissBorg (BORG) $ 0.460294
  • decentralandDecentraland (MANA) $ 0.235202
  • bitcoin-svBitcoin SV (BSV) $ 22.50
  • mantle-restaked-ethMantle Restaked ETH (CMETH) $ 4,333.12
  • usddUSDD (USDD) $ 0.999715
  • syrupMaple Finance (SYRUP) $ 0.395062
  • kinetiq-earn-vaultKinetiq Earn Vault (VKHYPE) $ 48.00
  • sun-tokenSun Token (SUN) $ 0.022765
  • polygon-pos-bridged-weth-polygon-posPolygon PoS Bridged WETH (Polygon POS) (WETH) $ 4,020.40
  • flowFlow (FLOW) $ 0.269352
  • ghoGHO (GHO) $ 0.999750
  • jito-governance-tokenJito (JTO) $ 1.06
  • ape-and-pepeApe and Pepe (APEPE) $ 0.000002
  • frax-etherFrax Ether (FRXETH) $ 3,981.58
  • eigenlayerEigenCloud (prev. EigenLayer) (EIGEN) $ 1.06
Bitcoin

Hackers use Discord invite links to deliver malware

By admin
0 40

Hackers use Discord invite links to deliver malware

A new campaign of malware targeting crypto users via Discord invite links has been uncovered. According to information, the new malware exploits a weakness in Discord’s invitation system to deliver an information stealer known as Skuld and the AsyncRAT remote access trojan.

In a report by Check Point, the platform mentioned that the attackers hijack the links through vanity link registration, which allows them to easily redirect users from trusted sources to malicious servers.

“The attackers combined the ClickFix phishing technique, multi-stage loaders, and time-based evasions to stealthily deliver AsyncRAT, and a customized Skuld Stealer targeting crypto wallets,” Check Point said.

According to the platform, one of the uses of Discord’s invite mechanism is that it allows attackers to hijack expired or deleted invite links and secretly redirect unsuspecting users to different malicious servers under their control. This means that a Discord invite link, which was previously shared for a legitimate purpose on social media and other forums could be used to lead users to their malicious servers and platforms.

Discord invite link hijacked for malicious purposes

This development comes a little over a month after the cybersecurity firm revealed another sophisticated phishing campaign that hijacked expired vanity links to entice users into joining a Discord server, instructing them to visit a phishing site to verify ownership. The malicious actors eventually used the platform to gain illegal access to the users’ digital wallets and drain their wallets after connecting them.

While users are allowed to create temporary, permanent, or custom invite links on Discord, the platform does not allow other legitimate servers to reclaim a previously expired or deleted invite link. However, if a user creates a custom link, they can reuse the expired invite codes and even some deleted permanent invite codes in some cases.

This ability to reuse expired or deleted codes when creating custom vanity invite links allows criminals to abuse it, with most of them claiming them for their malicious servers. “This creates a serious risk: Users who follow previously trusted invite links (e.g., on websites, blogs, or forums) can unknowingly be redirected to fake Discord servers created by threat actors,” Check Point said.

According to the report, Discord invite link hijacking involves using a legitimate invite link shared by communities to redirect users to a malicious server. Victims of this scheme are asked to complete a verification stamp, which involves entering several details to gain full access to the server. This is done by authorizing a bot, which leads them to a fake website where they are mandated to verify the information provided. After this, the scammers use a social engineering tactic to trick users into infecting their systems.

Malicious actors steal wallet seed phrases with malware

According to the report, the Skuld malware is capable of harvesting crypto wallet seed phrases from the Exodus and Atomic crypto wallets. It carries out this activity using an approach called wallet injection, replacing the original version of the application files with versions loaded with trojans downloaded from GitHub. Another payload is a Goland information stealer that can be downloaded from Bitbucket. It is used to steal sensitive data from Discord, various browsers, crypto wallets, and gaming platforms.

Check Point added that it also identified another malicious campaign being carried out by the same threat actor where it distributed the loader as a modified version of a hack tool for unlocking pirated hams. The program, according to the report, has been downloaded 350 times on Bitbucket. Victims of these campaigns are primarily located in the United States, France, Slovakia, the Netherlands, Austria, Vietnam, and the United Kingdom.

The findings show the latest example of how cybercriminals have been targeting the platform. “This campaign illustrates how a subtle feature of Discord’s invite system, the ability to reuse expired or deleted invite codes in vanity invite links, can be exploited as a powerful attack vector,” the researchers said. “By hijacking legitimate invite links, threat actors silently redirect unsuspecting users to malicious Discord servers.”

Source

admin 14518 posts 0 comments
You might also like More from author

Leave A Reply

Your email address will not be published.