Hackers are using Discord to send malware and remote-access trojans, putting millions of users at risk
According to a report by the analysts at RiskIQ, Discord's CDN network is increasingly turning into a platform used to disseminate malware. The report indicated that one popular way of spreading malware was by using the Discord CDN’s channel ID system to get users to download password stealers, remote access trojans, and other malware, thinking that they’re downloading legitimate extensions like Taplink.
While the report logged a wide variety of malware on the Discord CDN, RATs, or remote-access trojans, were found to be the most common. This is particularly worrying since RATs are used by hackers to gain direct access and control over victim devices. RATs themselves vary in function from then relatively innocuous Agent Tesla, used to mine cryptocurrency without the victim’s knowledge to other remote-control tools that allow cyber criminals to use victim computers and phones as “zombie systems” to further disseminate attacks.
RiskIQ has not put a dollar value on the potential losses here. However, the report did highlight that Discord’s large userbase means that millions of users are potentially at risk.