New VVS Stealer Malware Targets Discord Accounts via Obfuscated Python Code
The Hacker News••technology
Key Points:
- Researchers have revealed a new Python-based malware called VVS Stealer, capable of stealing Discord credentials and tokens, which has been sold on Telegram since April 2025.
- The stealer is obfuscated using Pyarmor to evade detection and is available at low subscription prices, making it one of the cheapest stealers on the market.
- VVS Stealer persists on infected Windows systems by adding itself to the Startup folder and tricks users with fake error pop-ups while stealing data including Discord info, browser data, and screenshots.
- It performs Discord injection attacks by terminating the app and injecting obfuscated JavaScript to monitor network traffic, enabling session hijacking on compromised devices.
- The rise of such advanced, obfuscated malware is contributing to a cycle
