Discord is a cybercriminal’s wet dream, according to a new report from security company Sophos, which concluded that the messaging platform is a hotbed for malware.
Obviously, Discord has grown massively in popularity in recent years, but – as you’d expect – it has also grown extremely popular with hackers, who regularly use the platform to host, distribute and control malware online.
“Discord provides a persistent, highly-available, global distribution network for malware operators, as well as a messaging system that these operators can adapt into command-and-control channels for their malware – in much the same way attackers have used Internet Relay Chat and Telegram,” Sophos senior threat researcher Sean Gallagher said in the report.
After analysing more than 1,800 malicious files on Discord’s content distribution network (CDN), Sophos concluded that malware within the messaging platform increased by 140 per cent year-on-year in the second quarter of 2021.
In the second quarter of 2021 alone, Sophos found 17,000 unique malware URLs in Discord’s CDN. And perhaps more concerningly, almost 5,000 of those are still active right now. Yikes.
“These scams are not harmless – we found one malware that can steal private images from the camera on an infected device, as well as ransomware from 2006 that the attackers have resurrected to use as ‘mischiefware.’ The mischiefware denies victims access to their data, but there’s no ransom demand and no decryption key,” Gallagher said.
“Further, adversaries have caught on that companies increasingly use the Discord platform for internal or community chat in the same way they might use a channel like Slack. This provides attackers with a new and potentially lucrative target audience, especially when security teams can’t always inspect the Transport Layer Security-encrypted traffic to and from Discord to see what’s going on and raise the alarm if needed.
“Discord users, whoever they are and whatever they use the platform for, should remain vigilant to the threat of malicious content that’s lurking within the service and not just leave it to the Discord platform to identify and remove suspicious files. In addition, IT security teams should never consider any traffic from an online cloud service as inherently ‘safe’ based on the trusted nature or legitimacy of the service itself. Adversaries could be hiding anywhere.”
The malware that is distributed via Discord generally comes disguised as things like gaming mods or bootleg versions of otherwise expensive software like Adobe Photoshop.
How To Avoid Malware On Discord
The easiest way to avoid having your PC infected with malware via Discord is to be particularly vigilant with files, links and attachments that point back to the Discord website, especially from people you don’t know.
Additionally, reputable antivirus software will help protect you and will let you scan files before opening them for an added layer of protection.
Gizmodo Australia has reached out to Discord for comment.