Compromised NPM packages now a vector for stealing Discord Tokens

Compromised NPM Node Package Manager Attack Vector Discord Tokens Communication Platform Info Stealing

Researchers have discovered several compromised Node Package Manager (NPM) packages trying to hijack and steal Discord tokens. Discord is a growing chat app with about 350 million users globally. However, due to this popularity, this chat application caught the attention of numerous malicious threat actors.

Recently, security researchers have identified 17 distinct malicious packages in the NPM storage. These malware-injected packages can hijack and steal Discord users’ tokens. Moreover, the payloads inside the compromised NPM range from info stealer forms to remote backdoors. Each payload has a different package with different infection methods, such as dependency confusion, typosquatting, and trojan capability.


The infected NPM packages can cause massive damage to Discord if not addressed carefully.


These compromised NPMs, if executed well, can have many severe effects on the Discord platform. If NPM threat actors succeed in infecting their target, they can hijack a user’s Discord token and obtain full access and control over the compromised account. Furthermore, the use of public hack tools can help even amateur hackers in hacking Discord accounts.

In addition, hijacked Discord accounts can be utilised for social engineering methods and malware distribution. It can also enable hackers to target Discord Nitro accounts and resell them in deep web markets. Discord servers can be utilised as anonymous command-and-control servers that can manipulate a remote access trojan or an entire body of a botnet.

Discord is becoming a target not just to NPM users but also to other forms of cybercriminal entities.

A new crypter donning the name Babadeda was recently discovered, targeting the Crypto, DeFi (decentralised finance), and NFT communities by infiltrating Discord channels. The malicious threat actor would reach a crypto-themed Discord account and send compromised messages to targets, requesting them to download software, app, or game.

Malware threats have targeted Discord tokens due to the massive number of Discord users worldwide, and public stockrooms have evolved into a convenient way for malware reproduction. This concern has become an enormous threat in the future, and cybersecurity must have a readily available mitigation process to stop such cyberattacks.

About the author

Leave a Reply