My discord account got hacked, and I wanted to ask some questions about it

Ursula Arch Morningstar

• 23 de enero de 2022 11:12

So... I'll admit, I'm not really well versed in the world of hacking and information security. It's very important, for sure, but even as a programmer, it was less my niche. However, something happened to me recently and I figured to ask here, cause I am curious about a few things.

So, a few days ago, my discord account got taken over. It was an exe exploit sent to me by a friend whose account was already compromised, and I didn't catch on until it was too late. Within moments, the hacker got full control of my account, and tried to use it to scam other people. However... Strangely enough? They didn't go after anything else. Not my steam, or email, or PayPal. Just the discord account. Didn't even try and message me to ransom it.

1. I wanted to know if anyone knows how this sort of stuff works. My account had 2FA activated, and it didn't do anything to deter the hacker, so I'm curious how running an exe manages to do that and give the hacker access to my account. I'm assuming they generate a token using it, but... I'll be frank, I don't really know the full details, and I'm curious to find out.

2. Does... anyone know what hackers like this get out of it? Again, not asking to spite them or anything, I'm genuinely curious. With regular stealing and thieving of physical goods, you can at least make the basic argument that money is needed to live, and selling stolen goods gives you money. But... I can't see that happening with random discord accounts? Some people mentioned to me making a botnet, but I don't know what that is.

I should clarify, I'm not asking for vindication, empathy, or someone to avenge me. I've already taken all the steps needed with customer support, warned friends, etc. Now...I'm just curious, honestly. This is the first time I fell into a scam like this, and it was nothing like what I expected would happen. So if anyone can help me get some insight into the mindset of people who do this... I'd happily appreciate it.

0

• 

  arjun__

  • 23 de enero de 2022 22:27

  Even tho if you had 2FA activated, hackers are able to access your account by stealing your token, and from what I've heard they somehow create a duplicate account of yours, and they sell or give away the accounts with special badges like Early supporter, bug hunter etc..

  
  I don't know the legitimacy of this, but I do believe there is some truth for it.

   

   

  0
• 

  Weather7774

  • 26 de enero de 2022 09:13

  Since the other guy covered the token issue,

  The people who write programs to compromise accounts may simply do it out of curiosity, to see how far their program goes.

  0
• 

  Bunny

  • 1 de febrero de 2022 13:20

  I've had this issues a lot lately for my friends. The hackers have gotten more creative with their lies with Exe or fake websites. That to a naked eye seems harmless yet they give you a survey or a simple task to do to distract you long enough to get hacked and have the account stolen. It seems to be a thing where the hackers steal your account and if you add your own account back. They will ask for money in order to give your account back. The only price they accept is bitcoin since its not trackable and encrypted enough for a user to not gather any information about the hacker. I wouldn't recommend giving them money since they are already not trustworthy. Reason why they steal accounts with early supporter badge is to use them as a gateway to seem like a trustable user and not as a bot/spam account. Just so they can steal more accounts. From informations I've gathered lurking by friends trying to get their accounts back. The hackers are doing it for a much larger scale of audience than you think. There seems to be some black market thing going on where they steal people's information/accounts and then sell it off to others for a higher price. Since there are badge collectors who wants people's accounts for a hefty price. I don't know where these people are or where they find these things. But if you show any awareness that you know that they are a hacker they will remove the message to prevent you from copying the message link only so that you can not report them to the safety team. Since its a file that they can give to people using more and more early supporter badges while they join random servers. They would be able to get multiple accounts within an hour and earn profit with either selling them off to the original owner for lower price or sell it off to a badge hunter for more. ( Still to this day trying to help friends getting their accounts back from multiple types of hackers using exe or website hacks with the same purpose of recieving money it seems) 

  0

Iniciar sesión para dejar un comentario.