Warning: New DISGOMOJI malware uses Discord emoji to steal data!
What is DISGOMOJI malware?
Volexity discovered the DISGOMOJI malware in June 2024, linking it to a Pakistan-based group tracked as UTA0137.
The malware targets Linux devices using the BOSS distribution, mainly used by Indian government agencies. However, it could theoretically be used against any Linux distribution and written in the adaptable Golang programming language.
However, the most interesting part of DISCOMOJI is the use of Discord emoji to control infected devices. Instead of sending verbal commands like you see with most malware, DISCOMOJI operators can send specific Discord emojis to perform actions.
How does this emoji-controlled malware work?
First, malware must be installed for the attacker to gain control of the target device. The target device is sent a fake document containing a malicious file, which when executed, downloads the DISCOMOJI malware. Upon launch, DISCOMOJI steals data from the target machine, such as local information, usernames, hostnames, malware installation folders, and data from any connected USB devices.
The malware then connects to a Discord server controlled by the attacker, calling back to wait for new instructions. The attackers used something called discord-c2, an open source command and control project that uses Discord as a control point for infected devices. Once the malware connects to the Discord server, the attacker can use multiple emojis to prompt the malware, with a range of different parameters available.
The Discord emojis used by this malware are summarized below:
emoji | Emoji name | Command description |
---|---|---|
You should read it
- Fortune honors Steve Jobs as 'CEO of the decade'
- Wireless phone charger is like a camera lens
- In addition to Math, Physics, Chemistry ... the following 7 subjects will help you be successful in the future
- How to create the index on the bottom, write the exponent in Word
- Valve set a record with 7 million Steam users at the same time
- Instructions for finding and merging duplicate contacts in Google
- Instructions for using the Bluetooth headset properly
- Summary of Touchpad operations on Windows 10
- Install Role, configure role on Windows Server 2012
- 7 reasons girls should learn and manage computer networks
- AMD Ryzen 5 3600X Review: Great multi-threaded support, overclockable
- How to secure data when working from home
Maybe you are interested
This Simple Android App Proves Anything Can Contain Malware
BadBox Malware Is Picking Up Speed, Targeting Certain Android Devices
Warning of new dangerous malware attack campaign targeting Linux
Downloaded malware? Try these fixes before factory reset!
SteelFox Trojan: Malware Turns PCs Into Cryptocurrency Mining Zombies
Remcos Alert: Ingenious Excel Phishing Campaign Spreading Dangerous Fileless Malware