Home Malware Programs Botnets Spidey Bot

Spidey Bot

Posted: October 25, 2019

It is not uncommon for cybercriminals to abuse the files of legitimate software suites to implant malware on the computers of their victims. One of the recent malware families that makes use of this strategy is called Spidey Bot, and it aims to make changes to the files used by Discord, a popular messaging and voice application that is usually used by gamers. When the Spidey Bot plants its code in a Discord file, it will restart the application to ensure that the corrupted modules will be loaded – one of the easiest ways to ensure that your Discord installation has not been infected is to reinstall it entirely. Of course, you also could attempt to resolve the issue by running an anti-virus application, but you should keep in mind that since the unsafe code is hidden inside a legitimate program, anti-virus engines may opt to whitelist Discord instead of reporting the issue.

A Popular Gaming Application Targeted by Malware

One of the motives why the attackers may have opted to go after Discord, in particular, is because this program is built on the Electron framework – an application-building toolkit that enables developers to build applications with the use of basic languages like HTML, CSS and JavaScript. This makes it much easier for the cybercriminals to embed corrupted code in Discord's files and have it run whenever the application starts.

The Spidey Bot uses Discord's built-in 'webhook' features to enable a persistent backdoor on the compromised computer. Thanks to the escalated access to Discord's features, the attackers can extract various information that Discord has access to:

  • Payment data stored in the Discord profile.
  • Username, email address and phone number.
  • Information about connected applications and games.
  • The user Discord token (used for authorization).
  • IP address, time zone and screen resolution.
  • Up to 50 characters from the Windows Clipboard – a major security risk that may expose sensitive data to the attackers.

Crooks may Use Discord to Spread the Corrupted Files

Cybersecurity researchers warn that the Spidey Bot might be spread via various Discord chats and private messages – the attackers are likely to advertise it as a game cheat or a cracked application. It is recommended to avoid downloading files from unknown sources or senders. Another important note is that 'Spidey Bot' is the default name used by one of Discord's webhooks – seeing this name in your list of Discord webhooks is not a guarantee that you have become a victim of this new malware. As mentioned above, if you want to be sure that your Discord installation has not been backdoored, you should reinstall Discord completely.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Spidey Bot may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.