NEW DELHI: Cybersecurity firm Sophos has warned that instant messaging and voice over Internet Protocol (VoIP) platform Discord is being used by hackers to spread malware. In a report, researchers said they had analysed over 1,800 malicious files, detecting telemetry that led to the Discord Content Management Network (CDN). The company was researching malware that use Transport Layer Security (TLS), a popular security protocol, to make themselves seem legitimate.
According to Sophos, 4% of the malware it researched had come from Discord. “Discord operates its own content delivery network, or CDN, where users can upload files to share with others. The service also publishes an API, enabling developers to create new ways to interact with Discord other than through its client application,” the company said. “We observed significant volumes of malware hosted in Discord’s own CDN, as well as malware interacting with Discord APIs to send and receive data.”
This is not the first time security experts have flagged Discord as a tool being used to spread malware though. American cloud security firm Zscaler had flagged similar issues in February this year. The company said cybercriminals were using the Discord CDN not only to “host malicious files” but also for “command and control communication”.
“Multiple categories of malware are being served through the Discord app’s CDN infrastructure — ransomware, stealers and cryptominers,” the company said at the time, adding that the malware is often disguised as pirated or gaming software to trick gamers.
As far as communication tools and chat platforms go, Discord has always been positioned as a chat platform for gamers. However, it is also used by the crypto community in India, among others. The platform reportedly has over 140 million users worldwide, and had received a $10 billion acquisition offer from Microsoft earlier this year.
Never miss a story! Stay connected and informed with Mint.
our App Now!!