Researchers discovered a simple malware builder designed to steal credentials, then pinging them to Discord webhooks.

The code decrypts a series of scripts that establish communication with a GitHub repository to download the final-stage payload, which leverages Discord webhooks to exfiltrate victim data.

Discord webhooks being used as stolen data drops Discord contains a feature called webhooks that allows websites or external applications to send messages to a Discord channel.