A new Windows malware called Exela collects your personal data from web browsers and social networks before transferring it to hackers by modifying the Discord software on your PC.
Malware that wants your personal data is unfortunately all too common. Regularly revealed, patches to protect against them are often deployed quickly afterwards, forcing hackers to find new ways to infect you. And more than that, they need to think of a way to recover the information they steal from you. One of the latest malicious programs discovered is rather original on this point.
His name is Exela and asks the victim, once launched, to enter a Discord address of type Webhook. It is a system used on the chat platform to simply send automated messages there, among other things. Until the person enters the requested URL, an error message is displayed. Once this is done, the malware will transform the Discord client installed on the computer so that it transmits the stolen data to hackers.
Malware steals sensitive data on Windows and sends it back to hackers via Discord
Exela is powerful: it targets Chromium-based browsers like Edge, Brave, Chromium, Opera Or Vivaldi. This is where it steals account identifiers and passwords, banking information, but also cookies and session data. He can too take screenshots. Without forgetting that the malware also passes through social networks (Facebook, TikTok, X, Instagram) and even Steam for that matter.
Read also – Beware of this malware on Discord, it steals your banking data and makes purchases without your knowledge
For the moment, there is nothing special to do to protect yourself from Exela, other than applying basic cybersecurity reflexes. Be careful which sites you visit, don’t download just any file, make sure your browser is up to date and use anti-virus software. The malware is currently spreading via infected web pages offering download software for free. It is possible that it will deploy in less obvious ways in the future.
Source: Cyber