Indawo yokugcina ye-NPM ichonge iipakethe ezikhohlakeleyo ezili-17 ezasasazwa kusetyenziswa uhlobo lwe-squatting, okt. ngonikezelo lwamagama afanayo namagama amathala eencwadi adumileyo ngolindelo lokuba umsebenzisi uya kwenza ukuchwetheza xa echwetheza igama okanye akayi kuqaphela umahluko xa ukhetha umnqongo kuluhlu.
I-discord-selfbot-v14, i-discord-lofy, i-discordsystem, kunye neepakethe ze-discord-vilao zisebenzise uguqulelo olulungisiweyo lwelayibrari ye-discord.js esemthethweni, ebonelela ngemisebenzi yokusebenzisana ne-Discord API. Amacandelo anobungozi adityaniswe kwenye yeefayile zepakethe kwaye aquka malunga nemigca ye-4000 yekhowudi, i-obfuscated isebenzisa igama eliguquguqukayo le-mangling, i-string encryption, kunye nokuphulwa kwekhowudi yokufomatha. Ikhowudi iskena i-FS yendawo yeethokheni zeDiscord kwaye, ukuba ichongiwe, izithumele kumncedisi wabahlaseli.
Iphakheji yempazamo yokulungisa ibibangwa ukuba ilungisa iibugs kwiDiscord selfbot, kodwa ibandakanya usetyenziso lweTrojan olubizwa ngokuba yiPirateStealer eba amanani ekhadi letyala kunye neeakhawunti ezinxulumene neDiscord. Ilungu eliyingozi lenziwe lasebenza ngokufaka ikhowudi yeJavaScript kumxhasi weDiscord.
Iphakheji ye-prerequests-xcode iquka iTrojan yokulungelelanisa ukufikelela kude kwinkqubo yomsebenzisi, ngokusekelwe kwisicelo seDiscordRAT Python.
Kukholelwa ukuba abahlaseli banokufuna ukufikelela kwiiseva zeDiscord ukuze bafake iindawo zokulawula i-botnet, njenge-proxy yokukhuphela ulwazi kwiinkqubo eziphazamisekileyo, ukugubungela ukuhlaselwa, ukusabalalisa i-malware phakathi kwabasebenzisi be-Discord, okanye ukuthengisa ii-akhawunti zeprimiyamu.
Iipakethe zibopha iwafer, iwafer-autocomplete, wafer-beacon, wafer-caas, wafer-toggle, wafer-geolocation, wafer-image, wafer-form, wafer-lightbox, octavius-public kunye nemrg-umyalezo-broker ibandakanya ikhowudi ukuthumela imixholo yezinto eziguquguqukayo zemo engqongileyo, ezinokuthi, umzekelo, zibandakanye izitshixo zokufikelela, amathokheni okanye amagama ayimfihlo kwiinkqubo eziqhubekayo zokudibanisa okanye iimeko zefu ezifana ne-AWS.
umthombo: opennet.ru