Am a recent user of Discord, so this surprised me. But it is a way to get inside quickly. Also note Sophos Labs, new to me. Here just the intro.
Malware increasingly targets Discord for abuse
SophosLabs Uncut•Android malware•Discord•Information Stealers•Ransomware
Criminals abuse a successful chat service to host, spread, and control malware targeting their users.
22 JULY 2021
By Sean Gallagher, Andrew Brandt
Threat actors who spread and manage malware have long abused legitimate online services. As we found during our investigation into the use of TLS by malware, more than half of network traffic generated by malware uses TLS encryption, and 20 percent of that involved the malware communicating with legitimate online services.
During the timeframe of that research, we found that four percent of the overall TLS-protected malware downloads came from one service in particular: Discord. The growing popularity of the game-centric text and voice chat platform has not failed to draw the attention of malware operators.
Discord operates its own content delivery network, or CDN, where users can upload files to share with others. The service also publishes an API, enabling developers to create new ways to interact with Discord other than through its client application. We observed significant volumes of malware hosted in Discord’s own CDN, as well as malware interacting with Discord APIs to send and receive data. ... '
No comments:
Post a Comment