Malicious activity in Discord has reached an advanced level: what does this mean for users?

Carding 4 Carders

Experts believe that the platform can become a threat to the economy and national security.

The popular Discord messenger, which has more than 140 million active users, has increasingly become a springboard for cyberattacks. A new report by Trellix experts documents this alarming trend.

According to the study, attackers use the platform's capabilities to spread malware, steal confidential data, and attack corporate systems. Recently, sophisticated APT groups, which are highly efficient and secretive in their operations, have also begun using the messenger.

One of the key attack methods is the distribution of dangerous files and programs through Discord's own CDN (content delivery network). The files are disguised as harmless applications and are delivered to the victim's computer from the trusted domain cdn.discordapp.com. This allows the attackers to bypass antivirus protection.

Another common method is to use webhooks. Hackers create scripts that secretly transmit users' personal information, passwords, and browser cookies to external servers. At the same time, the traffic is disguised as normal data exchange within the messenger.

Discord webhooks are easy to set up and use even without a deep knowledge of programming. This is the most cost-effective and affordable method.

Especially popular among attackers are so-called infostealers: Trojan programs specially designed to steal confidential information. Among the most active are Agent Tesla, RedLine, and UmbraStealer. Groups use them to steal financial documents, crypto wallet passwords, and logins for other services.

It is disturbing that APT groups have started attacking critical infrastructure: government agencies and energy and industrial enterprises, whose employees keep up with general trends and use Discord, for example, for work planning.

The main feature of advanced threats is their ability to remain undetected in the victim's system for a long time. Eliminating them is quite difficult, so if attacks continue to develop, the national security and economy of entire countries may suffer in the future.

According to experts, Discord is not yet taking sufficient measures to combat illegal activities. Blocking individual suspicious accounts clearly doesn't solve the problem.

Experts offer several solutions, including:

1. Implement traffic monitoring systems to detect malicious activity in time.

2. Prohibit new and anonymous accounts from sharing files and links.

3. Apply machine learning techniques that will recognize signs of hacking at an early stage.
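
As an illustration of the traffic monitoring recommended above, the following added example (not taken from the Trellix report) scans web-proxy logs for the two patterns the article describes: executable-type downloads from cdn.discordapp.com and webhook POSTs from unapproved processes. The log layout, process names, extension list and allowlist are assumptions.

```python
import re
from urllib.parse import urlsplit

# Constructed proxy-log lines; the "<host> <process> <METHOD> <url>" layout is an assumption.
SAMPLE_LOG = """\
ws-014 Discord.exe GET https://cdn.discordapp.com/attachments/111/222/meme.png
ws-014 chrome.exe GET https://cdn.discordapp.com/attachments/111/333/invoice.pdf.exe
ws-022 powershell.exe POST https://discord.com/api/webhooks/123456789/EXAMPLE-TOKEN
ws-022 Discord.exe POST https://discord.com/api/v9/channels/42/messages
ws-031 svc_update.exe GET https://cdn.discordapp.com/attachments/444/555/setup.msi?ex=1
ws-031 python.exe POST https://discordapp.com/api/v10/webhooks/987/EXAMPLE-TOKEN
"""

CDN_HOST = "cdn.discordapp.com"
API_HOSTS = {"discord.com", "discordapp.com"}
# Webhook execution endpoint, with or without an API version segment.
WEBHOOK_PATH = re.compile(r"^/api/(v\d+/)?webhooks/\d+/")
# File types that should rarely arrive from a chat CDN (tune to local policy).
RISKY_EXT = (".exe", ".scr", ".dll", ".msi", ".bat", ".ps1", ".vbs", ".lnk", ".iso")
# Hypothetical allowlist: processes approved to post to webhooks (e.g. a CI agent).
APPROVED_WEBHOOK_SENDERS = set()


def classify(line):
    """Return (host, process, finding) for a suspicious log line, else None."""
    try:
        host, process, method, url = line.split(None, 3)
    except ValueError:
        return None  # blank or malformed line
    parts = urlsplit(url.strip())
    domain = (parts.hostname or "").lower()
    if (domain in API_HOSTS and method.upper() == "POST"
            and WEBHOOK_PATH.match(parts.path)
            and process.lower() not in APPROVED_WEBHOOK_SENDERS):
        return (host, process, "webhook-post")
    # urlsplit drops the query string, so "setup.msi?ex=1" still matches.
    if domain == CDN_HOST and parts.path.lower().endswith(RISKY_EXT):
        return (host, process, "cdn-executable")
    return None


def scan(log_text):
    """Classify every line and keep only the findings."""
    return [f for f in map(classify, log_text.splitlines()) if f]


if __name__ == "__main__":
    for host, process, finding in scan(SAMPLE_LOG):
        print(f"{finding:15} {host} {process}")
```

Ordinary client traffic (image attachments, channel messages) passes unflagged, so the findings are limited to the delivery and exfiltration paths.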
 