Infected w malware
So I got hacked via discord, I know who did it, they don’t speak english, they bought boosts thru my account, got into my email, and infected me with a trojan malware, what can i do? The trojan is currently quarantined
C
This post has been indexed in our web forum and will be seen by search engines so other users can find it outside Discord
Your user profile is private by default and won't be visible to users outside Discord, if you want to be visible in the web forum you can add the "Public Profile" role in <id:customize>
You can mark a message as the answer for your post with Right click -> Apps -> Mark Solution(if you don't see the option, try refreshing Discord with Ctrl + R)
CThere will be three things I recommend doing,
One is to make sure you have changed your password on Discord and make sure 2FA is enabled; below, I will link Discord resources on how to do that.
https://support.discord.com/hc/en-us/articles/219576828-Setting-up-Two-Factor-Authentication
Second Regarding the malware, I would follow the procedures outlined in the CISA's resource I link below.
https://www.cisa.gov/sites/default/files/publications/trojan-recovery.pdf
Third, you can attempt to get your money back from the boosts by contacting Discord via a support request using the link below.
https://support.discord.com/hc/en-us/requests/new
One is to make sure you have changed your password on Discord and make sure 2FA is enabled; below, I will link Discord resources on how to do that.
https://support.discord.com/hc/en-us/articles/219576828-Setting-up-Two-Factor-Authentication
Second Regarding the malware, I would follow the procedures outlined in the CISA's resource I link below.
https://www.cisa.gov/sites/default/files/publications/trojan-recovery.pdf
Third, you can attempt to get your money back from the boosts by contacting Discord via a support request using the link below.
https://support.discord.com/hc/en-us/requests/new
Discord
Two-Factor Authentication (2FA for short) is a good way to add an extra layer of security to your Discord account to make sure that only you have the ability to log in.
The Setup Process
Start by c...
The Setup Process
Start by c...
CAlso outlined in that CISA document is some useful links to improve your personal security practices and prevent an incident like this again.
I
IThe thing, I have no idea how this even happened in the first place
CAs in how they breached your discord?
IYes
II’m currently in their discord
Iit’s all russian people
CHave you downloaded any suspicious files or clicked any unusual links recently? One of the most common ways they gain access is by having you click a link that will grab your auth token, and they can use that to gain access without needing your password or 2FA. This is another excellent resource that outlines some of the ways people fraudulently gain access to your account.
https://discord.com/safety/360044104071-tips-against-spam-and-hacking
https://discord.com/safety/360044104071-tips-against-spam-and-hacking
Learn tips on how to protect your account against spam and hacking.
INope. Been playing a game the past 5 hours. Then got logged out of my discord an hour ago
IShould i press Action>remove ? it’s quarantined at the moment
CI would focus on the remediation of the incident now and then read up on the best security practices from both the CISA document I shared and then discords blog post. And yes, I would do Action > Remove. I would also recommend following the rest of the steps outlined in the PDF
ISo after it’s removed, should i be good?
IAlready set up 2FA on discord and changed passwords to my email and discord
CI cannot say whether your AV will have mitigated the issue wholly, you may be fine. But my recommendation is to follow all the steps ins the CISA doc for the best chance of complete eradication and recovery.
II scanned for threats, says no current threats, and says threat was removed
Iyou think i’m still at risk?
CIt is possible. I cannot say for sure.
I
DIf you're worried about something more persistent that Windows Defender might not catch, using a second opinion scanner like NPE or Hitman Pro would be another safe option.
As for the account security, changing passwords, enabling 2fa, and following the above Discord recommendations are your best bet. Also stay away from those people
As for the account security, changing passwords, enabling 2fa, and following the above Discord recommendations are your best bet. Also stay away from those people
INever met them at all, just logged back into my discord and saw that i was in their discord, not able to read russian so I didn’t know what it was
DPeople have had their Discord accounts receive warnings for being in servers associated with things that break TOS, so leaving that server would be recommended
IOkay so, i’ve changed all passwords, set up 2FA, ran a security check, found a trojan, quarantined it, and removed it, ran a second check and no threats found
IIn reality am i safe ?
CAs DirtyJ said, your best bet is to run a second opinion scanner like NPE or Hitman Pro. Both are linked below. We can't guarantee anything, but after that, you should be good.
https://support.norton.com/sp/en/us/home/current/solutions/kb20100824120155EN
https://www.hitmanpro.com/en-us/downloads
https://support.norton.com/sp/en/us/home/current/solutions/kb20100824120155EN
https://www.hitmanpro.com/en-us/downloads
Norton Power Eraser (NPE) is a free virus removal tool for Windows. It detects and removes viruses, malwares, spywares, trojans and threats from your computer.
HitmanPro
Download HitmanPro to remove ransomware, malware, ad trackers and spyware from your windows machines. Get HitmanPro.Alert to provide continuous scanning in real time.
I
Irunning a full system scan with norton aswell
Ithe 2 suspicious files are safe, had them for awhile