filteredd
filteredd17mo ago

Infected w malware

So I got hacked via discord, I know who did it, they don’t speak english, they bought boosts thru my account, got into my email, and infected me with a trojan malware, what can i do? The trojan is currently quarantined
22 Replies
Cyber Forum
Cyber Forum17mo ago
Post created!
🔎 This post has been indexed in our web forum and will be seen by search engines so other users can find it outside Discord 🕵️ Your user profile is private by default and won't be visible to users outside Discord, if you want to be visible in the web forum you can add the "Public Profile" role in <id:customize> ✅ You can mark a message as the answer for your post with Right click -> Apps -> Mark Solution (if you don't see the option, try refreshing Discord with Ctrl + R)
From An unknown user
Wagon
Wagon17mo ago
There will be three things I recommend doing, One is to make sure you have changed your password on Discord and make sure 2FA is enabled; below, I will link Discord resources on how to do that. https://support.discord.com/hc/en-us/articles/219576828-Setting-up-Two-Factor-Authentication Second Regarding the malware, I would follow the procedures outlined in the CISA's resource I link below. https://www.cisa.gov/sites/default/files/publications/trojan-recovery.pdf Third, you can attempt to get your money back from the boosts by contacting Discord via a support request using the link below. https://support.discord.com/hc/en-us/requests/new
Discord
Setting up Two-Factor Authentication
Two-Factor Authentication (2FA for short) is a good way to add an extra layer of security to your Discord account to make sure that only you have the ability to log in. The Setup Process Start by c...
Wagon
Wagon17mo ago
Also outlined in that CISA document is some useful links to improve your personal security practices and prevent an incident like this again.
filteredd
filtereddOP17mo ago
No description
filteredd
filtereddOP17mo ago
The thing, I have no idea how this even happened in the first place
Wagon
Wagon17mo ago
As in how they breached your discord?
filteredd
filtereddOP17mo ago
Yes I’m currently in their discord it’s all russian people
Wagon
Wagon17mo ago
Have you downloaded any suspicious files or clicked any unusual links recently? One of the most common ways they gain access is by having you click a link that will grab your auth token, and they can use that to gain access without needing your password or 2FA. This is another excellent resource that outlines some of the ways people fraudulently gain access to your account. https://discord.com/safety/360044104071-tips-against-spam-and-hacking
Tips to Prevent Spam and Hacking | Discord
Learn tips on how to protect your account against spam and hacking.
filteredd
filtereddOP17mo ago
Nope. Been playing a game the past 5 hours. Then got logged out of my discord an hour ago Should i press Action>remove ? it’s quarantined at the moment
Wagon
Wagon17mo ago
I would focus on the remediation of the incident now and then read up on the best security practices from both the CISA document I shared and then discords blog post. And yes, I would do Action > Remove. I would also recommend following the rest of the steps outlined in the PDF
filteredd
filtereddOP17mo ago
So after it’s removed, should i be good? Already set up 2FA on discord and changed passwords to my email and discord
Wagon
Wagon17mo ago
I cannot say whether your AV will have mitigated the issue wholly, you may be fine. But my recommendation is to follow all the steps ins the CISA doc for the best chance of complete eradication and recovery.
filteredd
filtereddOP17mo ago
I scanned for threats, says no current threats, and says threat was removed you think i’m still at risk?
Wagon
Wagon17mo ago
It is possible. I cannot say for sure.
filteredd
filtereddOP17mo ago
No description
DirtyJ
DirtyJ17mo ago
If you're worried about something more persistent that Windows Defender might not catch, using a second opinion scanner like NPE or Hitman Pro would be another safe option. As for the account security, changing passwords, enabling 2fa, and following the above Discord recommendations are your best bet. Also stay away from those people
filteredd
filtereddOP17mo ago
Never met them at all, just logged back into my discord and saw that i was in their discord, not able to read russian so I didn’t know what it was
DirtyJ
DirtyJ17mo ago
People have had their Discord accounts receive warnings for being in servers associated with things that break TOS, so leaving that server would be recommended
filteredd
filtereddOP17mo ago
Okay so, i’ve changed all passwords, set up 2FA, ran a security check, found a trojan, quarantined it, and removed it, ran a second check and no threats found In reality am i safe ?
Wagon
Wagon17mo ago
As DirtyJ said, your best bet is to run a second opinion scanner like NPE or Hitman Pro. Both are linked below. We can't guarantee anything, but after that, you should be good. https://support.norton.com/sp/en/us/home/current/solutions/kb20100824120155EN https://www.hitmanpro.com/en-us/downloads
Download and run Norton Power Eraser - Free virus and malware remov...
Norton Power Eraser (NPE) is a free virus removal tool for Windows. It detects and removes viruses, malwares, spywares, trojans and threats from your computer.
HitmanPro
Download HitmanPro and HitmanPro.Alert Malware Removal and Protecti...
Download HitmanPro to remove ransomware, malware, ad trackers and spyware from your windows machines. Get HitmanPro.Alert to provide continuous scanning in real time.
filteredd
filtereddOP17mo ago
No description
filteredd
filtereddOP17mo ago
running a full system scan with norton aswell the 2 suspicious files are safe, had them for awhile