Nikki Stealer


            Ex-Defacer Turns Seller of Discord Stealer

            By Rajhans Patel, Dark Web Researcher, CYFIRMA





            Executive Summary

            At CYFIRMA, we are committed to offering up-to-date insights into prevalent threats and tactics employed
            by malicious actors, targeting both organizations and individuals. This thorough examination delves into
            the widespread adoption of ‘Nikki Stealer’, a malicious tool available for purchase on Discord or Telegram.
            The developer, who has a history as a defacer, now sells this stealer, designed to steal Discord tokens,
            browser  cookies,  and  credentials,  with  numerous  users  utilizing  the  tool.  Our  research  explores  the
            various evasion techniques utilized by threat actors to avoid detection, while also shedding light on the
            intricate processes involved in creating resilient malware payloads.









                                                                                                            114