Email remains the main vector for spreading malware and cyber attacks, even though cybercriminals are gradually exploiting other channels for their purposes as well.
Online messaging services, in this sense, present themselves as the ideal environment. Among the various services in the sector, cybercriminals increasingly prefer Discord. It is, in fact, a well-suited tool for spreading malicious agents: with its 300 million active users and a use that now goes beyond the gaming context, it is an opportunity cybercriminals are unwilling to miss.
What made this service fertile ground for malware was the release of Discord Nitro. This allowed users to share large files, making things easier for anyone who used chat to deliver malware.
Not only that: nowadays developers and other professionals opt for this platform in order to communicate with colleagues and superiors. Despite this, very few users know the risks associated with Discord.
Malware and cyber attacks: Discord increasingly dangerous
The aforementioned Discord Nitro was precisely at the center of malware operations, with cybercriminals exploiting social engineering techniques, combined with users' desire to obtain this premium functionality, to claim numerous victims among users.
Discord is also a difficult environment for computer security experts because of the many techniques that cybercriminals can adopt to hide effectively.
One strategy, for example, is to use a content delivery network, such as file hosting services, to host the harmful payload. Since these payloads are hosted on a popular service and protected by HTTPS, it is very difficult for them to be identified in a short time.
Command & Control (C&C) communication via the Discord API is another method used by those who spread malware. The API allows for simple communication between users on the platform and the program. This form of C&C communication is difficult to monitor and defend against, as it communicates with a single endpoint accessible via legitimate services.
In other cases, the payloads are inserted directly into the source code of Discord. This type of tampering, as you can easily imagine, makes the work of antivirus products and cybersecurity experts very difficult.
Malware that targets the messaging app is also often spread through GitHub. All this makes malicious software quickly available to a very large number of cybercriminals. Finally, there is no shortage of attacks that exploit webhooks, a function introduced by the platform in 2020, which is often abused.
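The CDN, API and webhook techniques described above all appear on the network as HTTPS requests to Discord's own hosts, so the host alone says little; the process that made the request says more. As an added example (not part of the original article), this Python script triages proxy or endpoint records on that basis. The host names and URL paths are Discord's public CDN and API patterns, while the process allowlist, the list of risky extensions and the sample events are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Constructed sample proxy/EDR records (process, method, URL); not real telemetry.
SAMPLE_EVENTS = [
    ("Discord.exe", "GET", "https://cdn.discordapp.com/attachments/111/222/screenshot.png"),
    ("powershell.exe", "GET", "https://cdn.discordapp.com/attachments/111/333/update.exe"),
    ("invoice_viewer.exe", "POST", "https://discord.com/api/webhooks/444/EXAMPLE-TOKEN"),
    ("helper_svc.exe", "GET", "https://discord.com/api/v10/channels/555/messages"),
    ("chrome.exe", "GET", "https://discord.com/channels/@me"),
    ("chrome.exe", "GET", "https://example.org/attachments/1/2/tool.exe"),
]

# Assumption: the processes this environment expects to reach Discord.
EXPECTED_CLIENTS = {"discord.exe", "chrome.exe", "firefox.exe", "msedge.exe"}
# Assumption: file types treated as risky when fetched from the CDN.
RISKY_EXTENSIONS = (".exe", ".dll", ".scr", ".js", ".vbs", ".ps1", ".bat", ".iso")
CDN_HOST = "cdn.discordapp.com"
API_HOSTS = {"discord.com", "discordapp.com"}
WEBHOOK_PATH = re.compile(r"^/api/(v\d+/)?webhooks/")


def classify(process, method, url):
    """Return the findings for one event; an empty list means nothing flagged."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    path = parts.path.lower()
    unexpected = process.lower() not in EXPECTED_CLIENTS
    findings = []
    if host == CDN_HOST and path.startswith("/attachments/"):
        if path.endswith(RISKY_EXTENSIONS):
            findings.append("cdn-risky-file-type")
        if unexpected:
            findings.append("cdn-fetch-by-unexpected-process")
    elif host in API_HOSTS and path.startswith("/api/"):
        if WEBHOOK_PATH.match(path) and method.upper() == "POST" and unexpected:
            findings.append("webhook-post-by-unexpected-process")
        elif unexpected:
            findings.append("api-call-by-unexpected-process")
    return findings


def triage(events):
    """Return (event, findings) pairs for flagged events, preserving input order."""
    return [(e, f) for e in events if (f := classify(*e))]


if __name__ == "__main__":
    for event, findings in triage(SAMPLE_EVENTS):
        print(event[0], event[2], "->", ", ".join(findings))
```

On the sample data the script flags the PowerShell download, the webhook POST and the API call from a non-client process, and leaves the Discord client, the browser session and the unrelated host alone.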
In practice, Discord remains a very valid app capable of offering a lot to users. Even so, it must be used with an awareness of how fertile a ground it is, at least at the moment, for ill-intentioned people of various types. For the future, however, there is more than one reason for hope: the platform is pursuing various initiatives to increase the level of security for its users.