It is not uncommon for cybercriminals to abuse the files of legitimate software suites to implant malware on the computers of their victims. One of the recent malware families that makes use of this strategy is called Spidey Bot, and it aims to make changes to the files used by Discord, a popular messaging and voice application that is usually used by gamers. When the Spidey Bot plants its code in a Discord file, it will restart the application to ensure that the corrupted modules will be loaded – one of the easiest ways to ensure that your Discord installation has not been infected is to reinstall it entirely. Of course, you also could attempt to resolve the issue by running an anti-virus application, but you should keep in mind that since the unsafe code is hidden inside a legitimate program, anti-virus engines may opt to whitelist Discord instead of reporting the issue.
A Popular Gaming Application Targeted by Malware
The Spidey Bot uses Discord's built-in 'webhook' features to enable a persistent backdoor on the compromised computer. Thanks to the escalated access to Discord's features, the attackers can extract various information that Discord has access to:
- Payment data stored in the Discord profile.
- Username, email address and phone number.
- Information about connected applications and games.
- The user Discord token (used for authorization).
- IP address, time zone and screen resolution.
- Up to 50 characters from the Windows Clipboard – a major security risk that may expose sensitive data to the attackers.
Crooks may Use Discord to Spread the Corrupted Files
Cybersecurity researchers warn that the Spidey Bot might be spread via various Discord chats and private messages – the attackers are likely to advertise it as a game cheat or a cracked application. It is recommended to avoid downloading files from unknown sources or senders. Another important note is that 'Spidey Bot' is the default name used by one of Discord's webhooks – seeing this name in your list of Discord webhooks is not a guarantee that you have become a victim of this new malware. As mentioned above, if you want to be sure that your Discord installation has not been backdoored, you should reinstall Discord completely.
Use SpyHunter to Detect and Remove PC Threats
If you are concerned that malware or PC threats similar to Spidey Bot may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.
Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.