Discord QR Flaw Exposing Personal Information Discovered
A potentially serious flaw in security on the Discord network could put your personal information at risk.
Twitter user @PirateSoftware announced the flaw on their Twitch channel on Sunday.
The flaw exploits the new option to log into Discord via QR code. Bypassing two-factor authorization (2FA), anyone with the Discord app on their phone could capture the QR code of any other user's login page and gain full access to their account information.
"Further, if the account that gets owned has Discord Nitro the attacker gets access to that users Address, Name, and it displays their PayPal email address," Pirate said in a Twitter thread.
We've reached out to Discord about this apparent flaw and are awaiting response.
Copyright 2020 D20NN. All rights reserved.