A sophisticated Discord scam using the name of popular YouTuber MrBeast is compromising user accounts worldwide, with reports suggesting that a significant number of users in Pakistan have also been affected.
The scam often appears as a fake giveaway but is actually designed to spread malware capable of hijacking Discord accounts without requiring passwords or bypassing traditional login credentials.
According to reports from affected users, the attack typically begins when victims receive a direct message from a friend’s already compromised Discord account. The message usually claims that the recipient has won thousands of dollars in credits for an online gambling or casino platform.
To make the scam appear legitimate, attackers often use fake screenshots featuring social media posts allegedly linked to MrBeast and promote fraudulent cryptocurrency-related offers.
Cybersecurity experts warn that the real threat is not the fake giveaway itself but an information-stealing malware operating behind the scenes.
The malware, commonly known as an info stealer, is designed to secretly collect sensitive information stored in web browsers, including saved passwords, browsing data, and authentication cookies.
By stealing authentication cookies, attackers can gain access to Discord accounts without needing passwords. Because the hackers use already authenticated sessions, Discord’s two-factor authentication protections may not prevent account takeover in such cases.
Victims have reported severe consequences after their accounts were compromised. In some cases, hijacked accounts were used to spread the scam further, while others were allegedly used to damage online communities, including the deletion of entire Discord servers.
Security researchers say the campaign appears to be part of a larger organized cybercrime operation rather than the work of individual hackers.
According to experts, malware developers create and sell information-stealing software to criminal groups, which then distribute it through pirated software, cracked applications, game cheats, and other untrusted downloads.
Once victims are infected, the stolen credentials and browser data are collected into databases known as “stealer logs.” These databases are later sold to scammers who use automated systems to hijack accounts and spread fraudulent messages to more users.
Users are advised to avoid downloading software from untrusted sources, enable security protections on their devices, regularly clear browser sessions, and remain cautious of unsolicited messages promising giveaways or financial rewards.
Also read: Gmail Hacked? Google Issues Major Statement Addressing The Concern
