—

MAL-2026-6549

Malicious code in discord-token-generator (PyPI)

Details

--- _-= Per source details. Do not edit below this line.=-_

## Source: kam193 (93b4fe1006dee186a1cbe4513b0f0c127912724aed5b3caf6bca4b0f27294b99) During import, package executes the embedded executable. It is an infostealer named internally as "NBSteal", focused on exfiltrating data from browsers, Telegram, Discord, Roblox and other gaming platforms, and other credentials.

---

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-06-discord-token-generator

Reasons (based on the campaign):

- infostealer

- files-exfiltration

- obfuscation

- exfiltration-browser-data

- malware

- target:telegram

- exfiltration-credentials

Are you affected?

Enter the version of the package you're using.

Affected packages

PyPI / discord-token-generator

No fixed version published yet for discord-token-generator (pip). Pin to a known-safe version or switch to an alternative.

References

https://www.virustotal.com/gui/file/c31597963a8e83fc068a70a6187abc4d8fb1a67b318fc20aebb298ad97377783/detection [EVIDENCE]
https://bad-packages.kam193.eu/pypi/package/discord-token-generator [WEB]