Notebookcheck Logo

Hackers are using Discord to send malware and remote-access trojans, putting millions of users at risk

The Discord CDN network is apparently being abused to send malware masquerading as images, video, or text (Image source: Discord)
The Discord CDN network is apparently being abused to send malware masquerading as images, video, or text (Image source: Discord)
A report by RiskIQ indicates that hackers are abusing the Discord CDN to in a range of ways to send users over 27 different types of malware, including remote access trojans that allow them to gain control of victims' devices.

According to a report by the analysts at RiskIQ, Discord's CDN network is increasingly turning into a platform used to disseminate malware. The report indicated that one popular way of spreading malware was by using  the Discord CDN’s channel ID system to get users to download password stealers, remote access trojans, and other malware, thinking that they’re downloading legitimate extensions like Taplink. 

While the report logged a wide variety of malware on the Discord CDN, RATs, or remote-access trojans, were found to be the most common. This is particularly worrying since RATs are used by hackers to gain direct access and control over victim devices. RATs themselves vary in function from then relatively innocuous Agent Tesla, used to mine cryptocurrency without the victim’s knowledge to other remote-control tools that allow cyber criminals to use victim computers and phones as “zombie systems” to further disseminate attacks. 

RiskIQ has not put a dollar value on the potential losses here. However, the report did highlight that Discord’s large userbase means that millions of users are potentially at risk. 

Source(s)

static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
> Notebook / Laptop Reviews and News > News > News Archive > Newsarchive 2021 10 > Hackers are using Discord to send malware and remote-access trojans, putting millions of users at risk
Arjun Krishna Lal, 2021-10-30 (Update: 2021-10-30)