The D20NN logo and wordmark "D20 News Network" are not affiliated with Wizards of the Coast, publishers of the "D20 SYSTEM."

 

Copyright 2019-2020 D20 News Network LLC. All rights reserved.

Terms of Service      Privacy Policy

  • YouTube - White Circle
  • LinkedIn - White Circle
  • D20NewsDesk

Discord QR Flaw Exposing Personal Information Discovered

A potentially serious flaw in security on the Discord network could put your personal information at risk.

PirateSoftware/Twitter

Twitter user @PirateSoftware announced the flaw on their Twitch channel on Sunday.


The flaw exploits the new option to log into Discord via QR code. Bypassing two-factor authorization (2FA), anyone with the Discord app on their phone could capture the QR code of any other user's login page and gain full access to their account information.




"Further, if the account that gets owned has Discord Nitro the attacker gets access to that users Address, Name, and it displays their PayPal email address," Pirate said in a Twitter thread.


We've reached out to Discord about this apparent flaw and are awaiting response.


Copyright 2020 D20NN. All rights reserved.


2 views