Discord Invite Hijacking: How Fake Links Are Delivering Infostealers
June 24, 2025, 2:27 p.m.
Description
Cybercriminals are exploiting Discord's invite system and content delivery features to distribute malware and steal sensitive data. They use fake invite links, expired codes, and vanity URLs to redirect users to malicious servers. The attack chain involves a sophisticated combination of social engineering, multi-stage loaders, and time-based evasion tactics. Victims are tricked into authorizing a fake bot, which leads to the deployment of AsyncRAT and a customized Skuld Stealer. These malware variants target browser credentials, Discord tokens, and cryptocurrency wallets. The campaign uses trusted platforms like GitHub and Bitbucket to host encrypted payloads, and employs advanced techniques to bypass security measures and maintain persistence.
Tags
Date
- Created: June 20, 2025, 9:13 p.m.
- Published: June 20, 2025, 9:13 p.m.
- Modified: June 24, 2025, 2:27 p.m.
Additional Informations
- Slovakia
- Austria
- France
- Germany
- United States of America