Discord is switching to temporary file links for all users in an attempt to block attackers who are taking advantage of its content delivery network (CDN) for hosting and pushing malware.
Read Also: 5 Discord Secrets You Might Not Know About
Discord Wants to Crack Down on Malware
Discord will reportedly begin putting a 24-hour expiration to file links that will be shared outside the platform by the end of the year, as per BleepingComputer. Recently, reports showed that the platform remains a place for conducting malicious activities such as hacking and advanced persistent threats.
While the main agenda is to crack down on malware, the decision will also decrease of using Discord as an unofficial file hosting service. Most of the users have been uploading images and other content on their servers and posting links outside of the platform. Once implemented, temporary links will be dead after a day although Discord assured that nothing will change for the content posted and shared on the platform itself.
"Discord is evolving its approach to attachment CDN URLs in order to create a safer and more secure experience for users," Discord shared with BleepingComputer. In addition, the move will potentially help the safety team restrict access to flagged content and eventually reduce the amount of malware that is distributed using the site's CDN.
Discord Continues Fight Against Cybercrimes
The platform has been well aware of its challenges, especially with the increasing cybercrime activities done through Discord. For months, the company has been the breeding ground for malicious activities that are linked to financially motivated and state-backed hacking groups. Since Discord has a permanent file hosting capability, many threat actors have been capitalizing on the opportunity to distribute malware.
In a report by Trellix, it was revealed that almost 10,000 malware samples use Discord's CDN to load second-stage payload on systems. Hackers often send the malware through the trusted "cdn. discordapp.com" domain which makes it hard for malware operators to detect.
The atttachement CDN URLs will have 3 new parameters: ex, is, and hm. According to Discord development team, "links with a given signature (hm) will remain valid until the expiration timestamp (ex)." Once the link expires users will have to get a new CDN URL.
Related Article: Discord Remains a Target for Conducting Malicious Activities
