Clever Discord Scam Steals Steam Creds

You can also watch this video on LBRY

  • New discord scam uses the promise of free Nitro to lure victims to phishing page
  • Steam creds are stolen by use of a highly realistic looking fake sign in window

The new scam, initially reported on by Malwarebytes sees scammers using the bait of a month of free Nitro to lure Discord users to a phishing page.

Source: https://blog.malwarebytes.com/malwarebytes-news/2021/11/this-steam-phish-baits-you-with-free-discord-nitro/

The messages are spread via what appear to be discord bots. After loading the hyper realistic phishing page a steam log in window pops up, prompting users to link their steam account in order to redeem their free Nitro.

Source: https://blog.malwarebytes.com/malwarebytes-news/2021/11/this-steam-phish-baits-you-with-free-discord-nitro/

Unbeknownst to victims, this 'chrome window' is not a window at all, but rather fancy javascript giving the illusion of a chrome pop up. In fact it is a constituent of the page itself, the illusion is broken when you try to move the pop up beyond the bounds of the parent chrome tab.

Source: https://blog.malwarebytes.com/malwarebytes-news/2021/11/this-steam-phish-baits-you-with-free-discord-nitro/

Traffic analysis by Malwarebytes shows the true origin of the login page to be an actor controlled server. Inputting creds sends them straight to attackers whom will likely pillage any nabbed accounts.