Scam Warning: New Lovoo/Yubo Watch-along Discord Scam Can Hijack Your Account and Spy on Your PC

If a friend hit you up on Discord recently asking you to download a new app to stream anime or movies together, you might want to double-check who you’re actually talking to. A dangerous new malware scam is making rounds on the platform, masquerading as a couple of popular watch-along clients named Lovoo and Yubo.

New Discord scam is here!

If anyone contacts you and asks you to download a watchalong client called lovoo/yubo, DO NOT open the link. They are compromised.

The site prompts you to download a file from a personal dropbox that will hijack your accounts and monitor your PC. pic.twitter.com/owJ2HbLZSe

— Dahl💖 (@DayumDahlia) May 30, 2026

According to reports circulating across Twitter and Tumblr, hackers are actively using compromised Discord accounts to target people on their friend lists, exploiting personal trust to spread malicious software.

How the Scam Works

The playbook for this scam relies heavily on social engineering. It usually plays out like this:

1. You receive a direct message from a friend asking you to join a private room to watch videos and movies.
2. They tell you that you need to download a specific desktop client either called the “Yubo Client” or “Lovoo Client” to sync the stream.
3. Clicking the link takes you to a fake landing page that prompts you to download an .exe file. Alarmingly, cybersecurity tests have noted these files are being hosted on personal Dropbox links rather than an official, secure company server.

What the Malware Actually Does

While the software is advertised as a harmless streaming alternative to tools like Hyperbeam or Watch2Gether, the actual payload is incredibly damaging. Once executed, the software installs an info-stealer and potential Remote Access Trojan onto your PC. It can:

• Monitor your PC activity and log keystrokes.
• Steal saved passwords and browser cookies.
• Hijack your Discord account, turning your profile into a puppet bot that automatically sends the exact same scam link to everyone on your friend list.

Because the messages come from legitimate friends who have already been hacked, users are much more likely to lower their guard and download the file.

How to Stay Safe

If you get a suspicious link or an out-of-the-blue request from a friend to download software, cybersecurity experts recommend a few quick checks:

• If a friend sends you a sudden download link, text or message them on another platform if it’s really them.
• Official apps don’t host their primary Windows installation executables out of a personal Dropbox folder.
• Discord already features official activities like Watch Together directly inside voice channels, which require zero external downloads.

If you suspect a friend’s account has been compromised, report the messages immediately. Reporting malicious links helps Discord’s Trust and Safety teams flag the domains and stop the spread before more accounts get compromised.

Sources:

• https://www.tumblr.com/scam-alerts/817061667006513152/scam-examination