Abaddon Remote Access Trojan

Researchers from MalwareHunterTeam have discovered a new remote access trojan (RAT) called ‘Abaddon’ that is likely the first malware using the Discord platform as command and control. The Abaddon malware connects to the Discord command and control server to check for new commands to execute.

Abaddon will attempt to collect the following  data:

  • file directory lists
  • system information
  • saved payment credentials
  • multi-factor authentication information

It will then connect to hard-coded URL corresponding to a Discord chat server, which is used to pass commands from it’s operators. By default, Abaddon is able to:

  • download and upload files or directories
  • enumerate connected drives
  • open a reverse web-shell
  • send collected information.

Jason Davies

UK based technology professional, with an interest in computer security and telecoms.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: