A threat actor updated the AnarchyGrabber trojan into a new version that steals passwords and user tokens, disables 2FA, and spreads malware to a victim’s friends. The new version of the trojan can also steal a user’s plain text password and command an infected Discord client to spread malware to victims’ friends on Discord. Most people won’t even know they are infected, and the infected user will continue to be part of the botnet whenever they connect to Discord. The only way to remove the malware is to uninstall the client and install it again.
Source: https://www.bleepingcomputer.com/news/security/discord-client-turned-into-a-password-stealer-by-updated-malware/