Ratty Bot 2021 _top_ May 2026

Have you or your server been hit by Ratty Bot or similar malware in the past? Share your story in the comments below (but don’t post any suspicious links!).

If you were active on Discord in 2021, you likely heard a whispered warning: "Don’t click that link. It’s Ratty." To many, Ratty Bot was the boogeyman of the platform—a malicious application that promised game stats or server utilities but instead stole tokens, compromised accounts, and ripped apart communities. For security researchers, however, Ratty Bot 2021 represented a watershed moment in the evolution of platform-specific malware. ratty bot 2021

Published: March 15, 2025 Reading time: 7 minutes Have you or your server been hit by

This article explores what Ratty Bot was, how it operated at its peak in 2021, the damage it caused, and the lessons the Discord community learned. “Ratty Bot” was the colloquial name given to a family of malicious Discord bots and account takeover (ATO) tools that surged in popularity during 2021. The name derived from “RAT” (Remote Access Trojan), combined with the bot-like nature of Discord automation. It’s Ratty

| | Pre-Ratty (early 2021) | Post-Ratty (2022+) | | --- | --- | --- | | OAuth2 permissions screen | Compact, easily skipped | Expanded, full-screen warning | | messages.read scope | Available to any bot | Removed entirely for user bots | | Token theft detection | None | Automatic token revocation on suspicious login | | Verified bot checkmark | Only for partners | Extended to high-usage bots | | User education | Minimal | In-app popups about OAuth scams |