DANGEROUS "Free Discord Nitro" SCAM

Popup (DOWN) - http://discordapp.gifts/billing/promotion/vUFkyPQVwCDYME6uuBMndHYa

A WhoIs lookup reveals the domain was registered via NameCheap on July 15, 2021 - Whois discordapp.gifts

According to user reports, the popup will ask them to scan a QR code, which allows for hackers to steal your login information and spread the scam to further victims.

Yes Once you scan the qr code they will recive your discord token

Just wanted to add that they have another domain under the name “discordapp.live” with the same URL (“discordapp(dot)live/billing/promotion/vUFkyPQVwCDYME6uuBMndHYa/”)!

DO NOT SCAN THE QR CODE!!!

EDIT: So I found their discord webhook that they were receiving tokens on and proceeded to spam it with porn using a script i made myself. Within two hours of doing this, the owners of the server receiving the stolen discord tokens had deleted the webhook. Though the website still has the old webhook url so all victims right now are not getting logged. i’m waiting till they update it so i can spam it with porn again. :joy::joy::joy:

4 Likes

:rofl: I Love that!

New domain is being used now and it’s “discordapp.one” using the same “/billing/promotion/” URL. The message is a bit different this time. Much more simple than the last message I’ve gotten. Also I’ve discovered that their hosting is 000webhost. If anyone wants to go ahead and report these domains to namecheap and 000webhost then we can at least get something shutdown for good. I’ve also reported the two webhooks they’ve used in the past to Discord. Hopefully this does something!

They are using a new domain known as “discord-app.cc”, the message is still a bit different but they are sending it from compromised accounts as opposed to new accounts.

discorcl.gift and others have came about obviously when typing like this it’s noticable, However it’s still the old time typo squat or replace a charactor with 2 others to make 1 letter like r +n to make the letter M and what not.