Popular messaging apps Telegram and Discord attract cybercriminals looking to abuse built-in app features for their advantage.
Threat actors combine legitimate app functionality with malicious software to attack unsuspecting users, researchers at Intel 471, a cyber threat intelligence company, claim.
Several information stealers that rely on Discord and Telegram float around the web, available for download. For example, Blitzed Grabber relies on Discord’s webhooks feature, similar to an application programming interface (API).
“Webhooks provide an easy way to have automated messages and data updates sent from a victim’s machine into a particular messaging channel,” researchers claim.
Info-stealers that rely on legitimate messaging apps can steal a trove of personal data, such as passwords, browser cookies, cryptocurrency wallets, payment card information, and operating system information.