Attackers are using the open-source red-team tool RedTiger to build an infostealer that collects Discord account data and payment information.
The malware can also steal credentials stored in the browser, cryptocurrency wallet data, and game accounts.
RedTiger is a Python-based penetration testing suite for Windows and Linux that bundles network scanning and password cracking options, OSINT utilities, Discord-focused tools, and a malware builder.
[Image: Discord-related tools in RedTiger. Source: GitHub]
RedTiger's info-stealer component offers the standard capabilities of snatching system info, browser cookies and passwords, crypto wallet files, game files, and Roblox and Discord data. It can also capture webcam snapshots and screenshots of the victim's screen.
Although the project marks its dangerous functions as "legal use only" on GitHub, its free and unconditional distribution and the lack of any safeguards allow easy abuse.
[Image: RedTiger's malware builder. Source: GitHub]
According to a report from Netskope, threat actors are now abusing RedTiger's info-stealer component, primarily for targeting French Discord account holders.