If this situation arises, act immediately to secure your account and prevent further harm. Below, we’ll explain how to revoke the hacker’s access and protect your account from future attacks.
Step 1. Change Your Password Immediately
When you log into Discord, the platform generates a unique authentication token that remains active until you log out or reset your password. If hackers gain access to this token (e.g., through malware), they can control your account even without your password. Changing your password immediately invalidates all active sessions and resets your authentication token. This severs the hacker’s access and stops further unauthorized actions.
Step 2. Enable Two-Factor Authentication (2FA)
Even after changing your password, hackers can still access your account if they obtain your new credentials. Two-Factor Authentication (2FA) adds an extra level of security by requiring a time-sensitive code (sent to your phone or authenticator app) in addition to your password. This ensures that even if your password is compromised, attackers can’t log in without physical access to your device.
Step 3. Review Authorized Apps
Some apps or bots you’ve connected to Discord might have permissions to send messages or access your account. If these apps are hacked or malicious, hackers can use them to send spam or phishing links to your friends and servers. Here’s how to audit and remove them:
Step 4. Scan for Malware
If your account was hacked, malware such as token loggers or keyloggers might still be lurking on your device. These malicious programs can steal your new password or Discord token even after you’ve changed it.
Windows: Open Windows Security → Virus & Threat Protection → Run a full scan.Mac: Use Malwarebytes (free) or rely on Apple’s built-in XProtect (scans automatically).
After scanning, check Discord’s security logs: Go to Settings → Privacy & Safety → Security to review recent logins and active sessions. Why this matters: Malware like RedLine Stealer or Vidar (common tools for stealing gaming/chat app credentials) can lurk in your system. A full scan removes these threats and prevents hackers from sneaking back into your account. Below, we’ll walk through the Windows process step-by-step: If threats are found, follow Windows Security’s prompts to quarantine or remove them. Restart your PC, then check Discord for unusual activity.
Step 5. Inform Your Contacts
If you’re worried your account might still be at risk, warn your friends about potential suspicious messages. A quick heads-up ensures they avoid clicking harmful links, protecting them and maintaining your reputation. Example message: “Hey, my Discord might still be hacked. Don’t click any strange links from me until I confirm it’s fixed!” If your account remains compromised after following these steps, reach out to Discord’s support team directly:
