New Golang-Based Malware Skuld Targets Discord and Web Browsers to Steal Sensitive Data

Published by Shipra Sanganeria on June 15, 2024

A new malware strain based on the popular Golang programming language has been compromising Windows-based systems worldwide. Dubbed Skuld by researchers at Trellix, the malware has the ability to exfiltrate sensitive user information. By targeting the victim’s system and Discord account, the threat actor steals information stored in browsers, system files and folders.

Skuld’s modus operandi is quite similar to that of other open-source projects in public repositories, such as Creal Stealer, Luna Grabber and BlackCap Grabber.

When executed, the malware first checks whether it is running in a virtual environment. To do so, it compares the downloaded list of running processes against a predefined blocklist. If there is a match, Skuld terminates the matched process instead of removing itself. This is done to avoid detection during analysis.

Through this method of attack, the malware not only gathers system metadata but also extracts information stored in browsers and on the system, such as login credentials, history, and cookies. It also downloads system configuration data and information stored in Windows user profile folders like Music, OneDrive, Downloads, Documents, Videos, and Desktop.

The malware has the capability to bypass the security protection of Better Discord and Discord Token Protector. By injecting JavaScript code into Discord, Skuld tries to extract the backup codes from the application, noted Trellix’s report. The extracted information is sent to the actor using a Discord webhook or the Gofile upload service.
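For defenders, the two exfiltration channels named above can be hunted in web-proxy telemetry. The sketch below is an added example, not code from Trellix or from the malware; the JSON-lines log format, the hostnames of the workstations, the process names and the browser allowlist are all assumptions made for illustration.

```python
import json
import re
from pathlib import PureWindowsPath
from urllib.parse import urlsplit

# Constructed sample: JSON lines from a hypothetical endpoint proxy agent that
# records the requesting process image. Not real telemetry.
SAMPLE_LOG = r"""
{"host":"WS-014","image":"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe","method":"POST","url":"https://store1.gofile.io/uploadFile"}
{"host":"WS-014","image":"C:\\Users\\amy\\AppData\\Local\\Discord\\Discord.exe","method":"POST","url":"https://discord.com/api/v9/channels/1/messages"}
{"host":"WS-014","image":"C:\\Users\\amy\\AppData\\Local\\Temp\\svc_update.exe","method":"POST","url":"https://discord.com/api/webhooks/000000000000000000/EXAMPLE-TOKEN"}
{"host":"WS-014","image":"C:\\Users\\amy\\AppData\\Local\\Temp\\svc_update.exe","method":"POST","url":"https://store1.gofile.io/uploadFile"}
{"host":"WS-022","image":"C:\\Tools\\curl.exe","method":"GET","url":"https://gofile.io/d/example"}
"""

DISCORD_HOSTS = {"discord.com", "discordapp.com", "ptb.discord.com", "canary.discord.com"}
WEBHOOK_PATH = re.compile(r"^/api/(v\d+/)?webhooks/\d+/")
# Assumption: only browsers are expected to upload to these services; tune per site.
EXPECTED_IMAGES = {"chrome.exe", "msedge.exe", "firefox.exe"}

def classify(url):
    """Return a reason string if the URL is a Discord webhook or a Gofile host."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if host in DISCORD_HOSTS and WEBHOOK_PATH.match(parts.path):
        return "discord-webhook"
    if host == "gofile.io" or host.endswith(".gofile.io"):
        return "gofile-upload"
    return None

def find_exfil_candidates(log_text):
    """Flag POSTs to webhook/Gofile endpoints from unexpected process images."""
    hits = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip malformed lines rather than abort the scan
        image = PureWindowsPath(event.get("image", "")).name.lower()
        reason = classify(event.get("url", ""))
        if reason and event.get("method") == "POST" and image not in EXPECTED_IMAGES:
            hits.append((event.get("host"), image, reason))
    return hits

if __name__ == "__main__":
    for hit in find_exfil_candidates(SAMPLE_LOG):
        print(hit)
```

Ordinary Discord client traffic and browser uploads are left alone; only POSTs to a webhook path or a Gofile host from a process outside the allowlist are reported.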

The report went on to say that a module to steal cryptocurrency assets is also being developed for the malware. Researchers at Trellix have associated this malware with the threat actor known as Deathined, who has accounts on various social media platforms like GitHub, Telegram, Reddit, and Tumblr. It is believed that in the future, these accounts could be used to market it as a service for other hackers.

With the increasing use of Golang to develop this type of malware, as well as the targeting of social media platforms like Discord, it is important to have strong security measures in place. Using the best password managers to suggest and store your passwords, and using an antivirus or a VPN to mitigate threats like phishing and identity theft, helps you stay safe in the ever-changing cybersecurity landscape.
