On Windows Discord Client, there’s a new malware going around, which acts like a hack that helps you get the premium Discord Nitro service without paying. However, it is used for stealing the user credit card info, tokens saved in several browsers, and then distributed to others.
The newly discovered Malware is called the “NitroHack,” which modifies the Windows Discord client into a trojan for stealing info.
When the client is altered, the Malware will start sending the user tokens of the victim to the Discord channel of the attacker each time they start the Discord client. To get the tokens, the NitroHack will copy the databases of browsers such as Firefox, Opera, Chrome, Chromium, Brave, Discord, Yandex Browser, and some more.
The Malicious act wasn’t limited to people who use the Windows Discord client alone, as it also performed this malicious act to users who signed in via the web.
To acquire users’ debit/credit card information, the malware will connect to the “https://discordapp.com/api/v6/users/@me/billing/payment-source” and then steal the payment info saved there.
If you feel this Malware has infected your discord client, you can verify by opening the “%AppData%\\Discord\0.0.306\modules\discord_voice\index.js” with notepad, then ensuring that there aren’t any alterations at the bottom of the file.
A file that hasn’t been modified will end with this line:
module.exports = VoiceEngine;
If there’s anything else after this in your client, there’s a high tendency that it has been infected, except you made the modifications yourself.