

Hazard Token Grabber is developed using Python, and the builder of this stealer supports Python version 3.10. The figure below shows the file details of one of the recent samples we analyzed.

Figure 2 – Stats of the sample submission in VirusTotal

The number of samples related to Hazard stealer has increased significantly in the last three months, as shown below. Figure 1 shows the statement made by the Threat Actor. This indicates that the malware present on GitHub might not be that evasive, and the TA has only uploaded it there for advertisement purposes.

Interestingly, a few of the samples had either low or even zero detection. As per the statement made by the Threat Actor (TA), it appears that an upgraded version of Hazard Stealer can be accessed by purchasing it on their Discord server or website. Most of the samples seen in the wild are the actual Python source code of the malware used for compiling the binary, indicating that the malware has been used on a large scale.

Both versions are available on GitHub for free.

During our OSINT threat hunting exercise, we came across over 2000 samples related to this stealer present in the wild. The initial version of Hazard Token Grabber was spotted in the wild in 2021, and we have observed an upgraded version now, which Threat Actors (TAs) are using to steal the user’s data.

This project was created for educational purposes only, so please do not use it to harm and damage

This project was started because I wanted to learn about Discord's infrastructure and possible exploits. Meanwhile, I made the base of this token-grabber (like a year ago), but not long ago I continued this project and this is the final result. Of course, I will update it and add more features in the future, but meanwhile remember to use your power for the good 😲. If you liked it, consider to ⭐ this project and 🕵️ (follow) me 🤔.

* The source code doesn’t need to be public when a distribution of the software is made.
* Modifications to the software can be released under any license.
* Changes made to the source code may not be documented.

Upgraded version of Stealer Targeting Discord Users

Cyble Research Labs has come across a new strain of malware performing stealing activities named Hazard Token Grabber.

With this tool you can generate executable files that will steal Discord tokens from a system and report them to your Discord server via Discord Webhooks. Eclipse is an open source Python Discord Token Grabber that can be used on Windows and OSX systems.
