New VVS Stealer Malware Targets Discord Users via Fake System Errors

Palo Alto Networks’ new report reveals VVS Stealer uses Discord Injection and fake error messages to steal tokens and MFA codes. Protect your account from this new Python-based threat.

A new Python-based threat called VVS Stealer (or VVS $tealer) has surfaced that specifically aims to raid the accounts of Discord users. This malicious software has been circulating quietly since at least April 2025, but its inner workings were recently disclosed by security experts at Palo Alto Networks’ Unit 42.

Researchers found that the malware arrives as a PyInstaller package, which essentially means it’s ready to run on almost any Windows machine without requiring any additional setup.

As we know it, Discord is the go-to hub for millions of gamers, which is exactly why it’s such a prime target. This malware’s main goal is to snatch tokens (digital keys that keep you logged in without a password), using ...