Security News > 2021 > July > Never mind the trolls, Discord hosts 'significant volumes of malware' in its CDN

Never mind the trolls, Discord hosts 'significant volumes of malware' in its CDN
2021-07-23 01:32

In a blog post, security sleuths Sean Gallagher and Andrew Brandt said four per cent of all TLS-protected malware - representing about 46 per cent of all malware command-and-control communication - interacts with Discord.

"We observed significant volumes of malware hosted in Discord's own CDN, as well as malware interacting with Discord APIs to send and receive data," said Gallagher and Brandt.

Malware creators are using Discord to serve, spread, and control malware aimed at Discord users.

"In April, we reported over 9,500 unique URLs hosting malware on Discord's CDN to Discord representatives," they said.

"In the second quarter, we detected 17,000 unique URLs in Discord's CDN pointing to malware. And this excludes the malware not hosted within Discord that leverage Discord's application interfaces in various ways."

"And when users get caught, they can burn their account and create a new one. Discord relies heavily on user reports to police abuse. But when the Discord architecture is used for activities that are limited to targets not necessarily within the Discord user community, they can go unreported and persist for months."


News URL

https://go.theregister.com/feed/www.theregister.com/2021/07/23/discord_malware_channel/