Discord users should be cautious over the next few days. A new security alert warns that cybercriminals are using the platform to spread 27 unique malware types. Some of the attacks create "zombie systems" where the hacker gains full access to the infected device.
Discord is one of the most popular communication platforms today. It features topic-based channels that can be organized into communities. Although it primarily handles text and voice, Discord users can also exchange files such as images, documents, executables and other related content.
On October 21, RiskIQ discovered cybercriminals exploiting the Discord Content Delivery Network (CDN) to store and spread their malware. Their strategy is to send these files to as many victims as possible through attachment messages. RiskIQ cataloged 27 unique malware types on the exploited CDN server.
27 Unique Discord Malware Types Being Spread
RiskIQ discovered many unique malware families, but they all fall under four specific types.
- Backdoors, e.g., AsyncRat
- Password Stealers, e.g., DarkStealer
- Spyware, e.g., Raccoon Stealer
- Trojans, e.g., AgentTesla
According to RiskIQ, the backdoor malware was distributed to users who wanted to obtain Discord Nitro, the paid subscription service in Discord. It mainly uses AsyncRat, which utilizes "Download," "Security," "Support," and "Log In" functionality.
On the other hand, the password stealer discovered reportedly used Redline stealer programming. Redline specializes in collecting usernames, passwords, cookies, payment details and even cryptocurrency wallet information. Harvested data is usually sold to other cybercriminals.
The spyware on Discord was exploiting the Raccoon Stealer file. It was programmed together with Taplink, which enabled the hacker to access user-linked pages such as Instagram and other social media pages.
Last on the list are the Trojans. Some of these corrupted files used Agent Tesla, a malware used to mine cryptocurrency on an infected device without the victim's knowledge.
Taking all of these into consideration, Discord users should watch out for these types of attacks.
How to Stay Safe in Discord
Notebook Check pointed out that RiskIQ did not put a dollar value on Discord's potential losses. However, since Discord has a large user base, millions of its users could be at risk with this development.
To stay safe amidst these cybercriminal attacks, Discord users are advised to follow these steps:
- Do not accept friend requests or channel invites from unknown sources. This latest hack strategy involves a huge malware database, so it is hard to determine which users or channels could be infected. It would be best to play safe and avoid them altogether.
- Do not download or install from suspicious links. As previously mentioned, some of these hacking strategies feature "free Discord Nitro" promos. Avoid falling victim and never download these types of programs. Also, reject permissions when suspicious programs ask to "Run" on your device.
- Change your password immediately. If you have already downloaded from some of these suspicious links, you need to secure your account by changing your password immediately.
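For defenders who watch a network rather than a single account, the CDN abuse described above can be looked for in web proxy logs. The following is an added example, not code from RiskIQ or from the original article: it flags downloads of executable or archive files served as Discord attachments. The host name cdn.discordapp.com, the /attachments/<channel id>/<attachment id>/<filename> path layout, the extension list and the log line format are assumptions, and the sample log lines are constructed.

```python
import re
from urllib.parse import urlsplit, unquote

# Assumption: Discord attachments are served from this host (not named on the page).
DISCORD_CDN_HOSTS = {"cdn.discordapp.com"}
# Assumed list of file types that can run code or wrap a payload.
RISKY_EXTENSIONS = {".exe", ".scr", ".msi", ".bat", ".cmd", ".ps1", ".vbs",
                    ".js", ".jar", ".lnk", ".iso", ".zip", ".rar", ".7z"}
# Assumed path layout: /attachments/<channel id>/<attachment id>/<filename>
ATTACHMENT_PATH = re.compile(r"^/attachments/(\d+)/(\d+)/([^/]+)$")
URL_IN_LINE = re.compile(r"https?://[^\s\"']+", re.IGNORECASE)

def risky_discord_download(url):
    """Return (channel_id, filename) for a risky Discord attachment URL, else None."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    if host not in DISCORD_CDN_HOSTS:  # exact match, so look-alike hosts are rejected
        return None
    match = ATTACHMENT_PATH.match(parts.path)  # query string is already split off
    if not match:
        return None
    filename = unquote(match.group(3))
    dot = filename.rfind(".")  # last extension only, so "report.pdf.scr" is caught
    ext = filename[dot:].lower() if dot != -1 else ""
    return (match.group(1), filename) if ext in RISKY_EXTENSIONS else None

def scan_log(lines):
    """Yield (client, channel_id, filename) for each risky download in the log."""
    for line in lines:
        fields = line.split()
        client = fields[0] if fields else "?"
        for url in URL_IN_LINE.findall(line):
            hit = risky_discord_download(url)
            if hit:
                yield (client,) + hit

# Constructed sample proxy log lines: client IP, method, URL, status.
SAMPLE_LOG = [
    "10.0.0.5 GET https://cdn.discordapp.com/attachments/111111111111111111/222222222222222222/Nitro_Generator.exe 200",
    "10.0.0.7 GET https://cdn.discordapp.com/attachments/111111111111111111/333333333333333333/holiday.png 200",
    "10.0.0.9 GET https://cdn.discordapp.com.example.net/attachments/1/2/setup.exe 200",
    "10.0.0.5 GET https://cdn.discordapp.com/attachments/444444444444444444/555555555555555555/report.pdf.scr?ex=abc 200",
]

if __name__ == "__main__":
    for client, channel, name in scan_log(SAMPLE_LOG):
        print(f"{client} fetched {name} from Discord channel {channel}")
```

A hit is a lead for triage, not a verdict: the file still has to be inspected before it is treated as malicious.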