Discord is still considered a breeding ground for malicious activity such as hacking and advanced persistent threat (APT) operations, according to a report from Trellix.
Discord Becomes a Place for Malware Distribution
Threat actors do this in several ways: using the platform's content delivery network (CDN) to distribute malware, modifying the Discord client to steal sensitive information such as passwords, and abusing the platform's webhooks to steal data from the victim's system.
Most of the time the hackers are able to send malicious payloads from the trusted "cdn.discordapp.com" domain. By using this technique, the malware operators are able to evade the detection system placed by Discord.
Trellix's data revealed that around 10,000 malware samples use the Discord CDN to load second-stage payloads on systems. The data also showed that around 17 families have been abusing Discord webhooks since August 2021. These malware families are able to collect credentials, browser cookies, crypto wallets, and other sensitive data from the victim's system.
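Both behaviours described above, second-stage downloads from the Discord CDN and data sent out through webhooks, can be looked for in web-proxy or endpoint network logs. The following Python is an added example, not code from Trellix's report; the five-field log layout, the sample lines, the extension list, the sender allow-list and the `/attachments/` and `/api/webhooks/` URL paths are assumptions supplied for illustration.

```python
import re
from urllib.parse import urlparse

# Assumed list of executable/script extensions; tune per environment.
RISKY_EXT = {".exe", ".dll", ".scr", ".msi", ".bat", ".ps1", ".vbs", ".hta", ".jar", ".lnk"}
# Assumed allow-list of sanctioned processes that may post to webhooks (hypothetical name).
ALLOWED_WEBHOOK_SENDERS = {"ci-notify.exe"}
WEBHOOK_HOSTS = {"discord.com", "discordapp.com"}
WEBHOOK_PATH = re.compile(r"^/api(?:/v\d+)?/webhooks/\d+/")

# Constructed sample lines: timestamp host process method url
SAMPLE_LOG = """
2024-01-01T09:14:02Z ws-041 chrome.exe GET https://cdn.discordapp.com/attachments/1111/2222/meme.png
2024-01-01T09:15:40Z ws-041 powershell.exe GET https://cdn.discordapp.com/attachments/1111/3333/update.exe?ex=abc
2024-01-01T09:15:58Z ws-041 update.exe POST https://discord.com/api/webhooks/4444/EXAMPLE-TOKEN
2024-01-01T09:20:11Z build-01 ci-notify.exe POST https://discord.com/api/webhooks/5555/EXAMPLE-TOKEN
2024-01-01T09:21:00Z ws-007 discord.exe GET https://discord.com/api/v9/users/@me
"""

def classify(line):
    """Return (finding, host, process, url) for a suspicious line, else None."""
    parts = line.split()
    if len(parts) != 5:
        return None  # blank or malformed line
    _ts, host, process, method, url = parts
    parsed = urlparse(url)
    site = (parsed.hostname or "").lower()
    path = parsed.path  # query string is excluded, so "?ex=..." does not hide the extension
    # Executable or script fetched from the trusted CDN domain: possible second-stage payload.
    if site == "cdn.discordapp.com" and method == "GET" and path.startswith("/attachments/"):
        name = path.rsplit("/", 1)[-1].lower()
        ext = "." + name.rsplit(".", 1)[-1] if "." in name else ""
        if ext in RISKY_EXT:
            return ("cdn_executable_download", host, process, url)
    # Webhook POST from a process that is not a sanctioned sender: possible data theft.
    if site in WEBHOOK_HOSTS and method == "POST" and WEBHOOK_PATH.match(path):
        if process.lower() not in ALLOWED_WEBHOOK_SENDERS:
            return ("webhook_post_unlisted_process", host, process, url)
    return None

def scan(lines):
    """Classify every line and keep only the findings."""
    return [f for f in map(classify, lines) if f is not None]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG.splitlines()):
        print(finding)
```

Because the domain itself is trusted, the useful signals are the file type being fetched and which process is talking to the webhook endpoint, not the hostname alone.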
APT Hackers Join Discord
The report also found that Discord is now being used by APT hackers in an attempt to target critical infrastructure. "APTs are known for their sophisticated and targeted attacks, and by infiltrating widely used communication platforms like Discord, they can efficiently establish long-term footholds within networks, putting critical infrastructure and sensitive data at risk," the report stated.
Over the years, Discord has been unable to provide and implement solutions that will safeguard the platform from cyber criminals. The platform has only gone as far as banning suspicious accounts. However, that does not stop malicious actors from creating new ones and resuming the same activities.
With APT groups joining other malicious actors on Discord, it will certainly add a new layer of threat to the landscape.