Tomcat
Professional
- Messages
- 2,687
- Reaction score
- 1,036
- Points
- 113
Discord user accounts are at risk - a dangerous vulnerability has been identified in the messaging service. The first rumors of a flaw in the authentication process began to surface yesterday among gamers using Discord voice chats to play together.
By the way, the gamer audience of Discord is due to the presence of its own game store and special tools tailored for players.
The vulnerability of the messenger affects the ability to authenticate through the corresponding QR code. This is how gamers log into their account, for example, on a desktop.
Attackers can use the QR code scanning function for their own purposes. As a result of a successful attack, full control of the victim's account goes into the hands of the criminal.
To exploit the vulnerability, an attacker must send the user a special message containing a QR code. In this case, the code is accompanied by the text: the hacker claims that the user can receive a prize by scanning the received QR code.
If the victim follows all of the attacker's instructions, the attacker gains full control over the Discord account. Note that this method helps bypass two-factor authentication.
