Popular community creation app Discord is becoming another platform for cybercriminals to reach out to new victims with malware.
Discord uses VoIP, instant messaging, and digital content distribution to allow users to communicate with voice calls, video calls, text messaging, media, and files in private chats or as part of communities called "servers".
Unfortunately, or perhaps unsurprisingly, Sophos security researchers warned that it is becoming an increasingly popular malware distribution channel.
In a blog post and report, the researchers detailed how they detected 17,000 unique URLs in Discord’s CDN pointing to malware. The number of URLs hosting malware on Discord’s CDN during the second quarter of 2021 also increased by 140 per cent compared to the same period in 2020.
So much malware
The malware is often disguised as gaming-related tools and cheats . Common “cheats” seen by Sophos researchers include modifications that allow players to disable an opponent or to access premium features for free – usually for a popular online game such as Minecraft, Fortnite, Roblox, and Grand Theft Auto. The researchers also found a lure that offered gamers the chance to test a game in development.
Information-stealers accounted for more than 35 per cent of the malware seen with Sophos researchers discovering several password-hijacking malware, including Discord security token “loggers” built specifically to steal Discord accounts.
ALSO READ: McAfee report: Surge in mobile malware using fake Covid-19 vaccination programmes
In another instance, the researchers found a modified version of a Minecraft installer that, in addition to delivering the game, installs a “mod” called “Saint”. Saint is in fact spyware, capable of capturing keystrokes and screenshots as well as images directly from the camera on an infected device.
One malware they found, could steal private images from the camera on an infected device, while another was ransomware from 2006 that attackers had resurrected to use as ‘mischiefware’ to deny victims access to their data.
Staying safe on Discord
Sophos recommends that organisations using Discord for workplace chat and collaboration use multi-factor authentication (MFA) to protect employees’ Discord accounts and ensure that all employees have up-to-date malware protection on any computer they use to access remote collaboration platforms for work-related projects.
Sophos also advises consumers to install a security solution on the devices that they and their families use for online communications and gaming.
This article was first published in Hardware Zone.