TroubleGrabber, a new credential stealer discovered by Netskope security researchers, spreads via Discord attachments and uses Discord webhooks to deliver stolen information to its operators.
Several threat actors use the new info stealer to target gamers on Discord servers and to steal their passwords and other sensitive information.
Its capabilities are similar to those of another malware strain, dubbed AnarchyGrabber [1, 2, 3], which also infects Discord users and is used to harvest credentials and disable victims’ two-factor authentication (2FA).
Netskope discovered the info stealer in October 2020 while collecting data for a previous report, with TroubleGrabber samples (detected as Razy variants) making up over 85% of all 1,650 malware samples targeting Discord during October.
Source: Bleeping Computer