Discord has quickly become one of the most popular communication platforms, with over 150 million active users. Unfortunately, that also makes it an attractive target for hackers.
As a Discord user, it’s important to be vigilant and know the signs that your account may have been compromised. In this post, I’ll walk through the top indicators that your Discord is hacked and what you can do about it.
How to Tell if Someone Has Hacked Into Your Discord Account
Suspicious Login Activity
One of the clearest signs that your Discord has been hacked is noticing login activity from unknown locations or devices. Discord shows you the IP addresses used to login to your account under ‘Authorized Apps’ in User Settings. Scan through these and look for any logins from places you don’t recognize.
Discord also emailed you each time a new device or browser logs into your account. Check your email history for any login notification emails you don’t remember getting. Hackers often try to remove these emails to cover their tracks, so their absence can also be a red flag.
If you see any unfamiliar logins, change your password immediately and enable two-factor authentication for added security.
New Admins or Permissions
Sneaky hackers may grant themselves admin powers or expanded permissions in servers where you’re already a member. That lets them operate undetected within servers you frequently use.
Comb through your roles and permissions on important servers to make sure you recognize every admin or elevated role. Hackers often add special roles, like “Bots” to mask their activity.
Also check the audit log for recent changes. The audit log records events like role assignment and permission changes, allowing you to spot unauthorized modifications. Watch for unfamiliar usernames granting themselves roles or permissions.
Strange Messages Sent From Your Account
Another giveaway that your account has been taken over is seeing odd messages sent from your account that you didn’t write.
Discord doesn’t let you delete sent messages, so scroll up through your recent conversations and look for any messages you don’t remember sending. Subtle spam links disguised as innocent messages are common.
Also look for out-of-character conversations that seem off. Hackers may chat with your friends impersonating you to try and infect their computers or steal information.
If anything looks suspicious, change your password and alert your friends your account was compromised.
Increased Bot Activity
Bots are another giveaway a hacker could be lurking in your Discord account. Hackers often add bots to access features like mass messaging or server lookup.
Keep an eye out for any new unauthorized bots or bot servers on your account. Even well-intentioned bots like MEE6 could be exploited by hackers who add malicious code. Remove any bots or bot servers you don’t remember permitting.
Activity from self-bots – bots running under user accounts – is especially concerning. Self-bots violate Discord’s terms and signal your account has been seriously compromised. Completely reset your password if you discover a self-bot connected to your profile.
Servers You Didn’t Join
Check the server list on your account. Are there any new servers you didn’t choose to join?
Hackers often add accounts they compromise to servers for spamming or raids. If there are unfamiliar servers in your list, leave them immediately and reset your password.
Also review your list of blocked servers and users. Hackers may block servers to prevent you from seeing their activities.
Friends You Didn’t Add
In a similar vein, scrutinize your friend list. Are there any new connections you don’t recognize?
Hackers add friend accounts through compromised users for easier communication. You can sort your friend list by “Added”, which brings any unfamiliar accounts they added to the top. Remove any random friends.
Head to your user profile page. Hackers often change profile settings to remove identifying info or make the account seem legit when sold.
Look for any changes to your username, bio, avatar, badges, About Me section. Revert any changes the hacker made.
Also check your profile visibility settings. Hackers sometimes change this to “Offline” to avoid detection.
Missing Nitro Subscription
If you had an active Nitro subscription that suddenly deactivated, that’s a sign your account got hijacked. Hackers often steal Nitro benefits or deactivate auto-renewals.
Check under User Settings > Subscriptions to see your status. If Nitro is gone, change your password and contact Discord Support to get your subscription reactivated.
Can’t Access Your Account
If you try logging into your account and keep getting errors or get redirected to a password reset, that likely means the hacker changed your password.
Attempt resetting your password through your email. If that doesn’t work, your email may also be compromised. Contact Discord Support via a different account to recover access to your account and email.
Enabling two-factor authentication prevents hackers from changing credentials.
How Did My Discord Get Hacked?
There are a few common ways hackers gain access to Discord accounts:
- Weak/Reused Passwords – If your password is easy to guess or you reuse it across sites, hackers can easily brute force or phish it. Always make unique complex passwords.
- Malware/Keyloggers – Malicious software can record your keystrokes and steal login details. Keep your devices and antivirus software up-to-date.
- Phishing Scams – Fake login pages steal accounts. Avoid clicking sketchy links and check the URL before entering info.
- Credential Stuffing – Hackers try leaked credentials from other sites on Discord. Use different passwords for every account.
- Social Engineering – Hackers may manipulate you into handing over your password through impersonation. Stay vigilant against suspicious requests.
- Exploits – Hackers find and abuse vulnerabilities in Discord’s code to gain access. Make sure your Discord app is updated to the latest version.
What To Do If Your Discord Is Hacked
You can read the full guide on how to secure your account from here. If you confirm your Discord has been compromised, here are the simple steps to take:
- Reset your password – Change your password immediately and enable two-factor authentication via Authy or Google Authenticator for added security.
- Revoke OAuth authorizations – Remove any unauthorized third-party apps hackers may have connected to your Discord under User Settings > Authorized Apps.
- Scan devices for malware – Run malware/virus scans on any computers or devices used to access Discord in case they are infected.
- Contact Discord Support – Submit a hack report to Discord through support.discord.com so they can investigate and restore your account.
- Alert your server admins – Let admins of shared servers know to watch for potential hacking activities.
- Change passwords on other accounts – If you reused your Discord password elsewhere, change those as well to stay secure.
- De-authorize device logins – Remove all previously linked devices under User Settings > Logins and re-authorize your personal devices.
- Review recent activity – Check your message history, servers joined, profile changes, etc. to see everything the hacker may have done through your account.
- Warn your friends – Let close friends you chat with know about the hack in case the perpetrator reached out to them already in disguise.
Staying vigilant and moving quickly to secure your account can help limit the damage from a Discord hack. Make your account as hack-proof as possible going forward.
FAQs About Discord Account Hacks
How do I know if my Discord was hacked?
The main signs your Discord was hacked include suspicious login locations, odd messages sent through your account, new unauthorized servers/friends, and sudden changes to your profile or Nitro subscription. Strange activity indicates your account is compromised.
What should I do if my Discord is hacked?
If your Discord is hacked, reset your password immediately and enable two-factor authentication. Revoke any unauthorized app permissions, scan devices for malware, and contact Discord support to investigate and restore your account.
Can someone hack my Discord without my password?
It is possible but difficult. Hackers mainly rely on stolen credentials or social engineering. Securing your password and avoiding phishing scams limits the ability for your account to be compromised without consent.
Why do hackers want to hack Discord accounts?
Hackers hijack Discord accounts for sending spam, social engineering attacks, server raids, spreading malware, and reselling the account. Compromised accounts can also be used as backdoors into associated email addresses or other linked accounts.
How can I prevent my Discord from being hacked?
Using strong unique passwords, enabling two-factor authentication, avoiding suspicious links/files, keeping software updated, and being cautious when contacted by “friends” asking for information can help prevent your Discord from being compromised.
I think my email associated with Discord was hacked, what should I do?
If the email on your Discord account was compromised, contact that email provider immediately to secure your account there. Change your Discord password and enable two-factor authentication through an authenticator app instead of email for added protection.
Can hackers see my Discord DMs if my account is hacked?
Unfortunately yes, compromising a Discord account gives hackers access to your servers, settings, and full message history, including DMs. Scrutinize recent conversations to see if the hacker was impersonating you to contacts.
How do I completely log out all sessions on my Discord account?
On desktop, go to User Settings > Logins > Log Out Of All Sessions. On mobile, go to User Settings > Logged In Devices > Log Out Of All Sessions. This will revoke access across all currently logged in devices for that account.
Should I delete my Discord account if it gets hacked?
Deleting your account is not necessary if you secure it after being hacked. Simply resetting your password and enabling two-factor authentication should be enough to regain control and prevent future unauthorized access.