Malware Abuses Core Features of Discord
Researchers warn that Discord's bot framework can be easily weaponized.
The popular Discord online platform is becoming a tempting target for bad actors: Researchers found malware employing the core features of Discord to allow an attacker to take screenshots, run keyloggers, and download and execute files.
The underlying issue, according to Check Point Research, is that Discord's API is wide open and doesn't require confirmation or vetting. That makes it ripe for abuse in malware development, botnet creation, C2 communication, and hosting malicious files. There are some 150 million active users of the platform, for chats, voice, and video calls.
Bottom line: The only solution is to disable all Discord bots, the researchers say.
"Preventing Discord malware can’t be done without harming the Discord community. As a result, it’s up to the users' actions to keep their devices safe," they wrote in a report. "As of now, any type of file, malicious or not, whose size is less than 8MB can be uploaded and sent via Discord. Because the file content isn’t analyzed, malware can be easily spread via Discord. As Discord's cache is monitored by modern AVs, which alert a user in case a received file is considered malicious, the files remain available for download. Until relevant mechanisms are implemented, users must apply safety measures and only download trusted files."
Read the full report here.
About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024