The voice and text chat platform Discord is often seen as the new normal for coordination among communities and video game enthusiast groups.
Its popularity, however, has also made Discord a “dumping ground for malware,” according to a report released by cybersecurity firm Sophos last Thursday, July 22.
Sophos analyzed 9,000 malware samples during the course of its work, with the malware running the gamut of types, from game hacking software to more malicious programs meant to take down servers or affect Discord users themselves. These include remote access tools, Android-specific malware, and ransomware.
From the samples analyzed, information-stealing malware was the most prevalent threat.
In a statement, Sophos senior threat researcher Sean Gallagher said, “Discord provides a persistent, highly-available, global distribution network for malware operators, as well as a messaging system that these operators can adapt into command-and-control channels for their malware – in much the same way attackers have used Internet Relay Chat and Telegram.”
Gallagher added that Discord’s user base can also serve as an environment in which malicious actors can steal personal information or account credentials using social engineering techniques.
While Discord has taken Sophos’ report seriously and removed most of the malicious files analyzed by Sophos, it also needs to work on its security.
The Sophos report added that, “even for malware not hosted on Discord, the Discord API (Application Programming Interface) is fertile ground for malicious command and control network capability that conceals itself” using Discord’s transport layer security system.
Sophos’ full report is available here. – Rappler.com