Malware Increasingly Targets Discord for Abuse (sophos.com) 20
Threat actors who spread and manage malware have long abused legitimate online services. As we found during our investigation into the use of TLS by malware, more than half of network traffic generated by malware uses TLS encryption, and 20 percent of that involved the malware communicating with legitimate online services. During the timeframe of that research, we found that four percent of the overall TLS-protected malware downloads came from one service in particular: Discord. From a report: The growing popularity of the game-centric text and voice chat platform has not failed to draw the attention of malware operators. Discord operates its own content delivery network, or CDN, where users can upload files to share with others. The service also publishes an API, enabling developers to create new ways to interact with Discord other than through its client application. We observed significant volumes of malware hosted in Discord's own CDN, as well as malware interacting with Discord APIs to send and receive data.
Several password-hijacking malware families specifically target Discord accounts. SophosLabs also found malware that leveraged Discord chat bot APIs for command and control, or to exfiltrate stolen information into private Discord servers or channels. As the origins of the service were tied to online gaming, Discord's audience includes large numbers of gamers -- including players of youth-oriented titles such as Fortnite, Minecraft, or Roblox. Among the malicious files we discovered in Discord's network, we found game cheating tools that target games that integrate with Discord, in-game. The tools allegedly make it possible, exploiting weaknesses in Discord's protocols, for one player to crash the game of another player. We also found applications that serve as nothing more than harmless, though disruptive, pranks.
Several password-hijacking malware families specifically target Discord accounts. SophosLabs also found malware that leveraged Discord chat bot APIs for command and control, or to exfiltrate stolen information into private Discord servers or channels. As the origins of the service were tied to online gaming, Discord's audience includes large numbers of gamers -- including players of youth-oriented titles such as Fortnite, Minecraft, or Roblox. Among the malicious files we discovered in Discord's network, we found game cheating tools that target games that integrate with Discord, in-game. The tools allegedly make it possible, exploiting weaknesses in Discord's protocols, for one player to crash the game of another player. We also found applications that serve as nothing more than harmless, though disruptive, pranks.
Security is everyone's problem. (Score:3)
So basically Discord needs to do a better job of policing it's CDN, and filtering on it's API.
Re: (Score:2)
Who does the CDN and API belong to?
Name a program Discord (Score:4, Funny)
Discord *is* abuse (Score:4, Insightful)
It's like IRC with too many garish colors, designed to keep people with ADHD engaged for as long as possible. For those of use blessed with the gift of sight and a taste for subdued classy color schemes, it's godawful.
Re: (Score:2)
Its block function doesn't even work properly. Even IRC got it right. Friend of mine says about almost every Discord feature "MSN did it first, MSN did it better" and he is absolutely right. MS completely fucked the pig on that.
Damn fucking USA headlines (Score:2, Funny)
"Malware Increasingly Targets Discord for Abuse "
"Target" is a retail store
"Discord" is an instant messaging platform
So my question is: is "Abuse" yet another company/product/service with a stupid name, or do they really mean abuse in the sense of abusing?
Shocking (Score:2)
Game cheating and pranking tools on a gamer-centric service. Of course this was not revealed until the end of the summary. Thanks for using slimy news tricks, Slashdot.
Oh god (Score:1)
I hope this does not devolve to "oH n0 tEh hA>OrZ! wE mUzT l0cH d0wN tEh aPi"
In this day and age, I'm surprised they even provide an open API for third party addon in this increasingly paranoid world where people are scared of their own shadow.
Hopefully, they will make the platform more secure against malicious activity, but there will always be some degree of risk. I can bear this much more than I could tolerate a no fun, locked tight, suffocating, and padded down world.
Re: (Score:3)
in this increasingly paranoid world where people are scared of their own shadow.
What you fail to understand is that it's not paranoia when the threat is real.
Re: Oh god (Score:2)
Yeah we can lock down the entire world and post a guard toting a machine gun on every street corner to make the world 'safe', but I would'nt want to live in a world like that. Neither did people who risked their lives to flee countries which were locked down and a gun toting cop demanded your papers if you wanted to move around.
I'll gladly accept risk if it means I get to have my freedom and not have to ask permission as a grown adult to use the bathroom.
I've delt with enviroments that had paranoia levels o
Re: (Score:2)
I've delt with enviroments that had paranoia levels of rules and security. The walking on eggshells was very bad for my health, and I felt like that I might as well have been in prison.
You have it backwards. With information security, you control the prison-like environment (your OS) and it's software/hardware (and it's developers) that have to walk on eggshells to appease your security measures.
Re: Oh god (Score:2)
"You have it backwards. With information security, you control the prison-like environment (your OS) and it's software/hardware (and it's developers) that have to walk on eggshells to appease your security measures."
Security these days involves treating all device owners like they are the threat, and locking devices down against the *owner*. People who say "hell no, I will not be controlled in this manner" and 'jailbreak' there own devices are being fought against by the likes of Apple. Sort of like throwi
Re: (Score:2)
Security these days involves treating all device owners like they are the threat, and locking devices down against the *owner*. People who say "hell no, I will not be controlled in this manner" and 'jailbreak' there own devices are being fought against by the likes of Apple. Sort of like throwing someone in prison so they allegedly won't become the *victim* of a crime.
If that's not what you want then don't reward them with your patronage. Some fools like living in an ivory prison which is part of why Apple does so well.
Frankly, none of the OSes for smartphones take security seriously enough which is a good part of why I don't use one. I use a feature phone and I know exactly what information it's leaking.
Re: Oh god (Score:2)
"If that's not what you want then don't reward them with your patronage. Some fools like living in an ivory prison which is part of why Apple does so well"
I don't use any Apple products but every company is going "MEE TOO!" and is adding iOS like restrictions to their products, either going all the way at once or gradually. Expect the ability to sideload apps to disappear on Android; I'm surprised this hasn't happened already, but it will. There will be nowhere to run.
Of course, we got the whole security cu
Re: (Score:2)
That is exceptionally hyperbolic. However, most people are not willing to put in the effort to protect themselves so things that claim they protect you are seen as saving you the effort. Anyway, use Linux, don't use a smartphone, and you will be free.
Re: Oh god (Score:2)
"That is exceptionally hyperbolic"
doubtful scince abuses by corporations are happening now that would've been unimaginable even 10 years ago.
I wish it was all hyperbole, but it's not to hard to see where things are going now and where it will end up.
I'm not ready to give up my smartphone just yet, because I use it as a portable computer. However, I've been taking a good long look at flip phones lately. It's not about privacy, as my life is so boring, whatever info they try to get is akin to trying t