10.10.2023 - Last week, a special case of social engineering was reported to the NCSC: in the video game community, a gamer was tricked into downloading a game that eventually turned out to be malware.
Fake game for Discord users
Attackers try to attack not only social media accounts like Facebook, Instagram and the like, but also the online service Discord, as shown by a case reported to the NCSC last week. Discord was originally developed for the needs of the video game community and offers the possibility to network, chat and talk while playing video games together online. In the case at hand, attackers specifically exploited the fact that Discord is mainly used in the gaming community in order to spread their malware.
The attack started with a message supposedly from a friend suggesting to try out a new game and download it. This is not unusual on Discord and, at first glance, also seems innocuous. However, the victim did not know that the attackers had previously hacked the friend's Discord account and taken control of it. Not suspecting anything, the victim then downloaded the executable file onto his computer and installed it. Since it was a game, it was also normal to confirm all warnings and notifications from the computer that something was being installed. But these confirmations also meant that malware was installed.
Shortly afterwards, the attackers attempted to take control of the Discord account of the person who reported the attack. The malware was able to intercept passwords and send them to the attackers. The attackers subsequently tried to take control of other services as well, as evidenced by warnings about attempted account changes received by the victim. However, these attempts failed especially where two-factor authentication was activated, as the second factor (one-time password) is preferably sent via a separate device (e.g. smartphone). If this device is not infected, attackers will not succeed in such cases. This shows how important it is to set up two-factor authentication and to use a different device for the second factor.
- Be careful when installing programs. Download programs solely from secure and trustworthy sources.
- Wherever possible, install two-factor authentication.
- If you suspect that your computer is infected with malware, contact a specialist computer retailer.
- Many malicious programs make profound changes to the system that cannot easily be reversed. Therefore, the entire system should be reinstalled if an infection is confirmed. Regular backups make it easier to restore your data.
- After the reinstallation, change your passwords for all online access (email, social networks, etc.).
Current statistics
Last week's reports by category:
Last modification 10.10.2023
