Popular chat platform Discord will switch to temporary file links for all users by the end of the year to block malware.
Popular chat platform Discord will switch to temporary file links for all users by the end of the year to block malware.
The platform will use temporary file links that expire after 24 hours for user content shared outside of Discord. The change is expected to go into effect by the end of the year to block attackers from using its CDN (Content Delivery Network) for hosting and pushing malware.
To create a safer and more secure experience for users, Discord is evolving its approach to attachment CDN URLs. In particular, this will help our safety team restrict access to flagged content and generally reduce the amount of malware distributed using our CDN, Discord said.
CDN URLs will come with three new parameters that will add expiration timestamps and unique signatures that will remain valid until the links expire, preventing the use of Discord's CDN for permanent file hosting.
While these parameters are already being added to Discord links, they still need to be enforced, and links shared outside Discord servers will only expire once the company rolls out its authentication enforcement changes.
There is no impact on Discord users sharing content within the Discord client. Any links within the client will be auto-refreshed. If users are using Discord to host files, we'd recommend they find a more suitable service.
Discord developers may see minimal impact, and we're working closely with the community on the transition. These changes will roll out later this year, and we'll share more info with developers in the coming weeks.
This is a much-anticipated move toward the ongoing challenges Discord faces in curbing cybercrime activities across its platform.
Discord's permanent file hosting capabilities have frequently been misused to distribute malware and exfiltrate data gathered from compromised systems using webhooks.
Despite the increasing magnitude of this problem in recent years, Discord has encountered difficulties in implementing effective measures to discourage cybercriminals from exploiting its platform and taking decisive action to tackle the issue or, at the very least, reduce its consequences.
In a recent report by cybersecurity company Trellix, Discord CDN URLs have been exploited by at least 10,000 malware operations to drop second-stage malicious payloads on infected systems.
These payloads primarily consist of malware loaders and scripts that install malware, such as RedLine stealer, Vidar, AgentTesla, zgRAT, and Raccoon stealer.
According to Trellix's data, Discord webhooks have been utilized by several malware families, such as Agent Tesla, UmbralStealer, Stealerium, and zgRAT, in recent years to steal sensitive data, including credentials, browser cookies, and cryptocurrency wallets, from compromised devices.
Want your digital assets to be protected?
CyberShelter provides innovative and modern cybersecurity products and niche services to individuals and organization against all kinds of cyber threats.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: How to Survive the COVID Time Cyber Security Threats?