Malware can easily abuse Discord features to attack users
Date:
Fri, 22 Oct 2021 14:08:19 +0000
Description:
Malicious users are swarming to Discord thanks to its lax controls on its
open API, suggest experts.
FULL STORY ======================================================================
Cybersecurity experts have successfully demonstrated that the features of gaming-centric messaging platform Discord can easily be abused for malicious purposes.
Researchers from Check Point Research (CPR) have spotted early signs of malicious actors interested in exploiting some of Discords most useful features to target users of the platform.
The most prominent sign is a multi-functional malware available to anyone on Github. This malware has the capability to take screenshots, download and execute additional files, and perform keylogging all by using the core features of Discord, write CPR researchers Idan Shechter & Omer Ventura. TechRadar needs you!
We're looking at how our readers use VPNs with streaming sites like Netflix
so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.
Click here to start the survey in a new window <<
Discord claims to have 19 million active servers per week that facilitate communication between its 150 millions active users, making it an attractive target for threat actors. Discord in discord
As they analyzed the malware, which is written in Python , CPR researchers realized that the root of the problem is the Discord API that doesnt require any type of confirmation or approval.
Since the API is open for everyone to use, threat actors can use it to
program bots that can turn the platforms features for malicious purposes like malware development, botnet setups, C2 communication and malicious file hosting .
Talking of malicious file hosting, a Sophos research claimed that in Q2 2021 it detected 17,000 unique malware URLs in the Discord content delivery
network .
Because Discord messages are encrypted , users cant easily tell if malware is attached to their communications, says Saryu Nayyar, CEO of security vendor Gurucul. Bad for business
The problem however doesnt have an easy solution, and the CPR researchers believe that preventing Discord malware cant be done without harming the Discord community.
All too often, developers emphasize functionality over security, and this is an example of an exploitation that probably could have been addressed with a better software design. But the Discord platform itself has to be able to collect and analyze data in real time to look for and remediate unusual activity, believes Nayyar.
While the CPR researchers suggest that its up to the users actions to keep their devices safe, Doug Britton, CEO of cybersecurity talent acquisition
firm Haystack Solutions believes that its time Discord does some introspection.
Discord is an amazing product but it needs to take a deep look at the trade off between open functionality and security. Relying on users to recognize malicious intent is not a sustainable solution and becoming a RAT gateway is bad for business, opines Britton.
Stay safe online with the best antivirus services around
======================================================================
Link to news story:
https://www.techradar.com/news/malware-can-easily-abuse-discord-features-to-at tack-users/
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)