Categories > WeAreDevs > Hangout >
Why only token loggers
Posted
Why is the most common virus in exploits discord token loggers? Why not create botnets or log chrome passwords? Or even install a rootkit. Heck, just corrupt the system registry.
Just wanna know. Or maybe you have an opinion on it or something. Also hopefully im not giving any ideas to evil doods who want to turn their exploit into malware.
Replied
Because all they know is skidding other skidded loggers and other than that they can't do anything else beside pasting. Their brain is too smoll and they can't think outside of a metal box
Too dumb for a botnet or browsers logger
Cancel
Post
Programmer (noun.)
A machine that turns coffee into code.
OwO What's This
Replied
^^^^^^^^^^^^^^^^^^^^^
Content length must be 10-5000 chars
Cancel
Post
Replied
Token logging is more simple than anything, this is because your only target is Discord, and it's rounded down to 3 total clients - each with almost identical methods of saving your token locally, just with their names being different (Discord, Discord Canary, Discord PTB). All of them store the user's token as a form of caching in a plaintext (non-encrypted) and not a permission-secured file.
Browsers, on the other hand, are plentiful and their password storing measures are all very different and a lot even employ password security if the user is not a retard and cares to change a few settings. On the browser side of things, you have quite a few options:
* Chrome - Most popular choice, highest market share (~60%), no native security (relies on Windows credentials), Google spyware
* Firefox - Second most popular choice with people with brains, smaller market share of about ~10%, when configured with clockwise encrypts all passwords at rest, preventing theft.
* Edge - Third most popular choice for brainlets who just installed Windows, no native security (relies on Windows credentials), Microsoft spyware.
This is ignoring other browsers:
* Entire Opera lineup - Opera, Opera Mini, Opera GX.
* Chrome derivatives - Chromium (open source and not-as-spyware chrome version), Ungoogled Chromium (open source not spyware chrome version)
* Chromium-based - Edge, Brave, countless other browsers.
* Firefox-based - Onion browser, countless other browsers.
Most browsers have their logins in plaintext and unencrypted, some use Windows credentials which are a (you guessed it) Microsoft backdoored feature that doesn't really protect your passwords from anyone as long as your computer is on. Some like Firefox give the users tools to never store logins to disk without encryption, with lockwise which is pretty cool if you ask me.
TLDR: First point, too many browsers, users may not be stupid enough to have passwords unencrypted.
Logging Discord tokens is also safer for the malware, as not attempting to access browser files gives it a boost in not being detectable by a lot of commercial anti-malware software. The same goes for rootkits, rats.
Rootkits and rats are more dangerous and 'profitable' for the attacker, yes, but factors such as firewalls, antimalware software, ease-of-use are also at play.
Don't want such issues? Switch to GNU/Linux and abandon proprietary software with unknown safety and privacy ratings.
Cancel
Post
it will no longer be possible to contact me here, but i will be on session for at least a bit :)
0520984e5ed65f84673ff6d3421d89a3b3e1dff2ed54cbd4ed012351789a347913
Replied
I ask myself the same thing
If I wanted to create exploit malware I'd use some rat or password logger not a discord token logger :/
Cancel
Post
Users viewing this thread:
( Members: 0, Guests: 1, Total: 1 )
Cancel
Post