Researchers have found a simple malware function that steals passwords and then sends them to Discord Webhooks. A Discord user with the handle “Portu” began selling a new password-stealing malware generator on April 23rd, 2022.
Malware builders are applications that “script kiddie” hackers can use to create their own executables. A script kiddie is used to describe a rookie hacker who modifies pre-existing code for their own malevolent objectives.
Four days later, Uptycs security experts detected the first sample of “KurayStealer,” a Portu-inspired malware sample in the wild. The software has been used to attack Discord users, according to researchers.