Discord is being used to ship malware, report finds


Aside from being a fun and engaging platform that allows users to connect with distant friends or host virtual gatherings and meetings, Discord has other more nefarious uses.

Sophos, a UK-based security software and hardware company, released a new report that details how the app is often used to distribute, control and host different forms of malware.

Discord has been steadily growing its userbase over the past few years, so much so that it was in talks regarding a $10 billion buyout with Microsoft. Those didn’t amount to anything but you can see why it’s to be expected that with all the new ‘good’ users, come the bad.

Previously in the year, Sophos detected 17,000 new malware threats on the gaming-focused chat app’s content delivery network — the part of Discord that lets you upload files to share with others. Many of which were classified as ‘infostealers’, designed to extract personal information like account credentials. 

Don’t get social-engineered out of your Discord account

As its customer base has grown, so too has its need for the supporting infrastructure, naturally. This growth has made the app an inviting tool for cybercriminals.

Sean Gallagher, Senior Threat Researcher at Sophos explains that, “Discord provides a persistent, highly-available, global distribution network for malware operators, as well as a messaging system that these operators can adapt into command-and-control channels for their malware,”

One of the common ways the threat actors leverage these tools is by targeting younger children, offering them cheats or hacks for games such as Roblox of Fortnite. 

“Platform security is a priority for us. Discord relies on a mix of proactive scanning – such as antivirus scanning – and reactive reports to detect malware and viruses on our service before they reach users. We also do proactive work to locate and remove communities misusing Discord for this purpose. Once we become aware of these cases or bad actors, we remove the content and take appropriate action on any participants.” a Discord spokesperson says in a statement.

It isn’t all doom and gloom though. In the report, Sophos commended Discord for its timeous fashion in responding to takedown requests. They also mentioned that there are steps the end-user can take to ensure they don’t become a victim, like using two-factor authentication to protect against account takeovers.

The spokesperson continues, “We value feedback from trusted sources like Sophos whose expertise can help identify malware so that we can remove it and ensure no further distribution occurs on Discord.”


About Author

I've been interested in tech for as long as I can remember. A few facts about me; I learnt how to code when I was 5, I helped Mark Shuttleworth develop Ubuntu when I was 9 and now I write for a tech publication. Only one of those facts is true. I also have a drama degree, hence the writing.

Leave A Reply