0-Day Malware Discovered On Discord Network. Any Help?

I was tricked by a malicious actor on Discord into downloading a game that was actually a form of malware. After installing the fake game, this person then sent me messages containing my account usernames and passwords, along with web addresses that contained the word "host", and threatened to sell my credentials if I did not pay them.

EDITED: URL and Password removed by @Gjoksi

"Posting malware samples and/or URLs is not allowed in the community! Do not post direct links to any executable files, malicious/suspicious software or websites in threads, comments or private messages, even if you think the software or site is clean and incorrectly detected by Bitdefender."

Answers

  • Gjoksi
    Gjoksi DEFENDER OF THE YEAR 2022 / DEFENDER OF THE MONTH ✭✭✭✭✭

    Hello.

    You should contact Bitdefender Consumer Support by chat, telephone or e-mail:

    Chat is the fastest way to get in touch with Bitdefender Consumer Support.

    NOTE: Bitdefender telephone support is not toll-free!

    Regards.

  • Alexandru_BD
    Alexandru_BD admin
    edited February 2023

    Hello @Seletus,

    I'm sorry to hear that. This will be a task for our malware engineers, as they need to identify the type of malware first and determine if it's still present on the affected device. In the meantime, what you can do is change your credentials for all the known accounts that may have been compromised. Do not, I repeat, DO NOT provide any information to the malicious actor and cease all communications with them. Their tactics may give you a sense of urgency and they might try to persuade you to unknowingly share more details or pay a ransom. Don't fall for that.

    In the event you have Bitdefender installed on your devices, use the link above to contact our Support teams and ask for further assistance ASAP.

    Also, can you share just the name of the fake game with us, please? This will help raise awareness.

    Let us know how it goes.

    Regards

    Premium Security & Bitdefender Endpoint Security Tools user

  • Flexx
    Flexx DEFENDER OF THE YEAR 2023 / DEFENDER OF THE MONTH ✭✭✭✭✭ mod

    Can you upload the sample to virustotal.com and share the VirusTotal link here?

    Regards

    Life happens, Coffee helps!

    Bitdefender Ultimate Security Plus (user)

  • Seletus
    edited February 2023

    To ensure the safety of my computer, I have provided the link to the file on VirusTotal rather than attaching the file itself.

    The link is:

     https://www.virustotal.com/gui/url/2b97f1ca345037bc4fdad6d692e4eb10878e8b2ac4e93bf4688837fda2fec40a

  • Thank you for your concern, Alexandru_BD. I have taken the necessary precautions and changed my passwords on a separate device. I am now seeking advice on how to disinfect my computer before powering it on. The malicious software was disguised as a game called "Lazzarus".

  • Flexx
    Flexx DEFENDER OF THE YEAR 2023 / DEFENDER OF THE MONTH ✭✭✭✭✭ mod

    I am unable to download the sample as the link is not opening at my end. Can you share the sample with me via private message?

    Regards

  • Flexx
    Flexx DEFENDER OF THE YEAR 2023 / DEFENDER OF THE MONTH ✭✭✭✭✭ mod
    edited February 2023

    Thanks for sharing the sample. It has been shared with the malware researchers.

    Below is the VirusTotal link of the shared sample.

    https://www.virustotal.com/gui/file/377901c49abb9fd6949bc1b0469e0bd5545dee48ae783c47e142eb09a47c4d21?nocache=1

    Regards