![]() "When used in a certain way, the library will hijack the secret Discord token given to it, in addition to performing the requested utility function." Two rogue packages, named markedjs and crypto-standarts, stand out for their role as duplicate trojan packages in that they completely replicate the original functionality of well-known libraries marked and crypto-js, but feature additional malicious code to remotely inject arbitrary Python code.Īnother malicious package is lemaaa, "a library which is meant to be used by malicious threat actors to manipulate Discord accounts," researchers Andrey Polkovnychenko and Shachar Menashe said. discord-protection (Discord token stealer)ĭiscord tokens have emerged as lucrative means for threat actors to gain unauthorized access to accounts sans a password, enabling the operators to exploit the access to propagate malicious links via Discord channels.Įnvironment variables, stored as key-value pairs, are used to save information pertaining to the programming environment on the development machine, including API access tokens, authentication keys, API URLs, and account names.discord.js-discord-selfbot-v4 (Discord token stealer).discord.js-selfbot-aployed (Discord token stealer).discord.js-selfbot-aployscript (Discord token stealer).discord.js-aployscript-v11 (Discord token stealer).discord-selfbot-tools (Discord token stealer).crypto-standarts (Python remote code injector). ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |