NitroRansomware Asks for $9.99 Discord Gift Codes, Steals Access Tokens
The NitroRansomware malware strain launched a new campaign demanding Discord Nitro gift codes from victims instead of actual money. Although this seems like a less viable threat, research into the campaign showed that the NitroRansomware can then inflict serious damage in follow-up attacks on the same victims. The platform, Discord is an instant messaging service designed for creating communities. It allows users to communicate via voice and video calls, text messaging, and private chats.
Although Discord is free, an upgrade subscription called Nitro can be purchased for $9.99, allowing users to use HD video streaming and other benefits. The campaign was initially spotted by MalwareHunterTeam’s researchers. NitroRansomware’s operation consists of executing ransomware against a victim, encrypting their file. The victim is allotted three hours to provide a valid Discord Nitro code, according to researchers. The ransomware then verifies if the gift code is valid, and decrypts the files using an embedded key. Researchers found that the three-hour time limit is merely a scareware tactic, however, and if the timer reaches zero no files are actually deleted.