In a new campaign, cybercriminals are using Discord to target gamers and steal their credentials and financial info. The bad actors have abused Discord to host, spread, and control malware aimed at the users of this chat service, according to new research from Sophos.
Since last year, Discord has increased in popularity with 140 times more URLs hosting malware were blocked in the past two months, compared with the same period in 2020. The Sophos researchers said Discord hosts 4% of all TLS-protected malware downloads they have detected.
In the second quarter, researchers detected 17,000 unique URLs in Discord’s CDN that pointed to malware. This excludes malware not hosted within Discord that leverages Discord’s application interfaces in various ways. What’s more, over 4,700 of URLs that point to a malicious Windows .exe file still remain active.