This is a scam and probably a malware/trojan. Path Of Exile 2 builder ...
This threat is a scam and likely malware or a trojan disguised as a 'Path Of Exile 2 builder', distributed via a Reddit post. The malware reportedly hijacks user sessions on Discord, YouTube, and Facebook, and attempts to send direct messages on Discord using IP proxies. The malicious payload is an executable inside a zip file; running it infects the system. There is no official patch or vendor advisory available. The threat is currently not known to be exploited in the wild beyond the Reddit report.
AI Analysis
Technical Summary
A Reddit post on the r/Malware subreddit describes a scam involving a malicious executable disguised as a 'Path Of Exile 2 builder.' The malware reportedly hijacks sessions on multiple platforms (Discord, YouTube, Facebook) and attempts to propagate via Discord direct messages. The infection vector is a zip file containing an executable. No CVE or vendor advisory is associated with this threat, and no known exploits in the wild have been confirmed. The source information is limited to a single Reddit user report with minimal discussion.
Potential Impact
If executed, the malware can hijack user sessions on popular platforms, potentially leading to unauthorized access and messaging on behalf of the victim. This could result in account compromise and further spread of the malware through social engineering on Discord. No broader impact or confirmed widespread exploitation is documented.
Mitigation Recommendations
No official patch or vendor advisory exists for this threat. The primary mitigation is user awareness to avoid downloading or executing suspicious files, especially those distributed via unofficial channels such as Reddit links. Users should not run executables from untrusted sources and should maintain updated endpoint protection solutions. Since this is a malware scam, no direct patch is applicable.
Reddit Discussion
This hijacked my Discord, YouTube and Facebook sessions. It mostly tried on Discord to message (DM); there was no channel or server activity. Very strange, it has IP proxies all over. I tried to post on r/github and ... well, ok, they are not GitHub affiliated so yeah sorry. The actual malware is in the zip - exe file if you run it, on releases. So please do not ever do that. Ty.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Details
- Source Type
- Subreddit: Malware
- Reddit Score: 0
- Discussion Level: minimal
- Content Source: reddit_link_post
- Post Type: link
- Domain: null
- Newsworthiness Assessment: {"score":33,"reasons":["external_link","newsworthy_keywords:malware,trojan","established_author","very_recent"],"isNewsworthy":true,"foundNewsworthy":["malware","trojan"],"foundNonNewsworthy":[]}
- Has External Source: false
- Trusted Domain: false
Threat ID: 6a1ed49ee29bf47b50cdcf9b
Added to database: 6/2/2026, 1:03:26 PM
Last enriched: 6/2/2026, 1:03:32 PM
Last updated: 6/2/2026, 6:26:06 PM
Views: 61