Be careful if you use this messaging app: you could be a victim of a Trojan that steals your money.

DoubleTrouble is a computer virus that has been designed to steal banking data. and other confidential information. While this malware isn't new, it's now being distributed in the form of downloadable files located on Discord , a popular online instant messaging and voice chat platform that users use to communicate while playing video games, among other things.

How the DoubleTrouble banking Trojan works

As reported by TechRadar , DoubleTrouble works like a banking Trojan that infiltrates a phone under the guise of a normal program to steal the victim's data. When it first appeared, it was shared from fraudulent websites imitating European banks, displaying fake screens prompting users to enter their passwords and displaying their typing and even capturing screen lock information.

But researchers at cybersecurity firm Zimperium have discovered that it can now also record screens , record everything typed into Google more accurately, and display new fake pop-ups to trick users. Most worrying is that these new versions come disguised as the Google Play icon , which makes it easy to go completely unnoticed.

As if that weren't enough, the file containing the virus is no longer downloaded from a suspicious website, but from links shared on Discord in APK format . Once the user installs it, the virus hides as if it were a normal app and begins requesting permissions, one of the most dangerous being access to the operating system's Accessibility Services , which allows the malware to control large parts of the device without the user realizing it.

This virus not only puts bank accounts at risk, but also other data such as social media passwords, emails, etc. So if you use Discord, the best thing you can do to avoid this is to avoid downloading APK files that don't come from the official Google Play store . However, you should always carefully review the requested permissions and have a reliable antivirus.