How the attack is carried out
Attackers distribute RedLine Stealer, a piece of malware that sets out to steal user information. They have developed a fake website that appears to be a carbon copy of Microsoft’s official Windows 11 installer page. However, the “Download Now” button beneath the “Get Windows 11” banner links to a rogue installation housed on Discord’s content delivery network (CDN). The bundle, which consists of one executable and many DLL files, is only a few megabytes in size when downloaded. When the user tries to extract the contents of the compressed bundle, something unusual happens. The.EXE file accounts for the majority of the file’s 735MB size. The malware can access data like location, security software usernames, and device configurations, as well as upload and download files and run commands. In the year 2021, a similar incident occurred. Attackers utilized a similar spoof technique to set up a Discord webpage with a similar but misspelled name to deceive users into downloading a harmful installer posing as Discord’s own. HP believes that the DNS servers, malware, and domain registrar were all employed in the same way as the Windows 11 attack.
Why Discord ?
The discord platform is been chosen because of the popularity of this platform, gamers will likely be excellent targets for malware. Hackers are increasingly focusing their efforts on Discord. The nefarious few that spread malware prefer to target consumers of popular online services, and with Discord’s 140 million active users and over 300 million registered users, the chatting software is a tempting target. The most common aim for Discord malware is the theft of users’ personal information, which is accomplished through stealer malware and remote access Trojans (RATs). Harmful files might go unnoticed for months, posing a serious threat to other users. There are also password-hijacking malware families, adware, and fake Android apps designed to steal bank information or intercept transactions. Even chatbot APIs are being used to exploit malware that competes for control of channels, as well as some that harvest was stolen data and store it on private servers.
How to protect yourself
We all know that no one can be completely safe from these attacks. Discord is doing everything it can, to protect users from malware, but no amount of effort will be adequate to stop these attacks. However, you may avoid this by not clicking on every link you see, not joining servers you’re unfamiliar with, and disabling the “Allow direct messages from server members” option, which allows you to ban DMs (Direct Messages) from individuals in that server who aren’t on your friend’s list. However, Discord provides a list of security tips to keep you safe from spam and hacking while using the service. Setting strong passwords is one of the recommendations, as it makes them less likely to be compromised. People can also safeguard themselves by scanning for phishing scams. It is possible to detect bogus communications by paying close attention to the sender’s email address.
Reference:
https://www.pcgamer.com/devious-malware-hosted-on-discord-pretends-to-be-windows-11-installer/
https://discord.com/safety/360043857751-Four-steps-to-a-super-safe-account
Discord is definitely very famous among today’s youth. It definitely is one of the best options for malwares and virus to enter the computer. Even though big sites and apps like discord try their best, sometimes a lot of things can go under noticed. I totally agree to what you said, setting strong passwords can be of help in every such situation. Overall, this article was very intriguing and informative.
Great post! As someone who uses discord a lot, this is very informative, with Discord’s rising popularity it certainly is a good target due to its huge platform. I agree with the tips you’ve provided in order to protect yourself and it should apply to every platform.
Great post! As someone who uses discord a lot, this is very informative, with Discord’s rising popularity it certainly is a good target due to its huge platform. I agree with the tips you’ve provided in order to protect yourself and it should apply to every platform.
It amazes me to see how fast discord malware can spread as every week I seem to be mentioned with the chance of getting free discord nitro for 3 months. I hate how there are many fraudulent sites like you mentioned impersonating popular ones now in an attempt to steal login information or entice users to download malware. I do wish that there was a larger effort from companies like discord to prevent this sort of malware and phishing attacks and not rely on users who are the biggest security liabilities. Overall this post was very interesting to read as an avid user of discord.
Undoubtedly Discord is a great target for hackers. People coming from Indian-sub continent do not usually buy games, softwares, in general as there is no legal government rules that they will be fined if they do so. Therefore, most people use pirated softwares which are mostly full of malwares inside they do not aware of. Speaking of gamers, are even more vulnerable as they play cracked version of the games all the times, therefore they do not care what they are installing in their machines. And the numbers are huge! However, not only gamers people in general coming from these countries are even more vulnerable to be victims. Awareness campaign should be organized for the people living in these countries.
This is a great read! As you mentioned, efforts from Discord alone cannot stop this, so increased awareness of possible malware is definitely the way to go. Due to the large number of people using Discord, I’m guessing malware like this stays prevalent. Although I only clicked links from trusts servers, I’ll definitely be more careful when clicking stuff from larger servers.
As a student I use discord a lot since all of my course discussion groups are on discord. I recently learnt that huge gamers use discord for their business. After reading your post it make me think whether discord is actually safe. I am sharing multiple docs and files through out the semester which contain my personal information such as my UCID. I honestly do not want to be a victim of a malware attack. So from now onwards I am gonna be more careful accepting invites and opening links on discord. Thanks for raising awareness.
Thanks for calling out a potential risk on using Discord. I have been using it a lot these days and I love interact with bots. I have never considered it as a way to spread malware. The post helps me be more cautious of joining servers and bots on Discord. Also, I do think it is always better to download software on official sites and make some verifications before installation.
Thanks for this post. I use discord quite often, and it comes as no surprise that people will try to hack that platform, as the world seems bent on hacking every online service in existence…. You do make a good point that discord cannot really prevent all security threats, it really is in the hands of the users. This is why I am careful about which servers I join and who I accept friend requests from, and most especially double check links before I click on them.
Good post! I am use discord quite casually so I understand that these kinda of vulnerabilities would appear with such a popular application. I often open and send files to others without a second thought, so this makes me think about verifying files before opening anything 🙂
Discord is unquestionably popular with today’s youth. It is undoubtedly one of the most effective ways for malware and viruses to infiltrate the computer. Even though huge sites and apps like Discord try their hardest, a lot of things can slip through the cracks. I completely agree with what you mentioned; creating strong passwords can be beneficial in any case. Overall, I found this article to be quite interesting and educational. It was a great post for today’s generation.. Thanks.
That was a very informative post to read. I agree that discord is largerly popular nowadays and is used in many different purposes. It’s frightening to think that you can easily have a complete malware on your pc by a just a simple single click. I believe that people can easily be scammed by just joining a server. In addition, It’s so frightening to think about these malware as they have a high-quality counterfeit that might be used for a number of harmful purposes, posing a threat to our privacy. I believe that people should be more curious clicking or joining anything nowadays even if they believe it’s safe. But overall it was a very great post to read!
Such phishing scams, which prey on people’s curiosity, are harder to solve. As Microsoft rolls out Windows 11, many people want to try this update. I tried to find updates from third parties before I received them. Now I’m aware of the possible risks.
This is an excellent article! Discord is popular among the youth since it allows users to chat without being interrupted by advertisements and it is inexpensive to start a server, making it a desirable target owing to its large user base. Users may say anything they want and reveal their personal information without thinking about it. To keep safe on Discord, I recommend using a strong password, avoiding joining strange servers, and avoiding clicking on suspicious web URLs.
With the rise in popularity of online communication thanks to the pandemic, it would totally make sense for attackers to target something like Discord. I know a lot of classes and meetings usually go through Zoom, but I feel like Discord is a very close second when it comes to students and colleagues talking about school/work. Outside of that, I think gamers exclusively use Discord for any chat? With that demographic though, a lot of very young people are included in that (I’m talking 10-15 y/o). And unfortunately, those younger folks aren’t as knowledgeable or cautious when it comes to being aware of attacks, so it makes them in particular very easy targets.
Discord tends to be a place where a lot of illegitimate files are shared. I think this is mainly due to its popularity and how easy it is to share and download files. Some of the positive aspects of Discord makes it beome a major platform to easily distribute malware for attackes. This post gives us a lesson to stay away from random download sources on the internet. Another lesson is that we should only use Microsoft’s official means of getting it.
I use Discord, but was unaware of this threat. I have previous experience where I went to a site but I misspelled the address by 1 word and I would show up on a sketchy looking site. Luckily, I use an anti-malware program that prevents me from ever connecting to these websites, and it has saved me on numerous occasions. I strongly recommend anyone who uses the internet, (basically everyone), to download an anti-virus software that will prevent you from ever connecting to unsecure or sketchy looking website. I have tried many anti-virus programs and the best one I have come across is Kaspersky. Thanks for sharing this, I will try to be even more vigilant as I surf the web.
As someone that uses Discord quite a bit, this was a really great post to learn about this vulnerability. Bots are a great way to customize servers and have so many different uses and it is unfortnuate that people have turned this into a security problem. Even in school servers I have seen spam messages with scam links in them. Increasing awareness and education on preventing user targeted attacks like this can probably help reduce the chances of this vulnerability being exploited.
Discord previously was also accused of leaking personal data almost some months ago, this post seems to be more interesting as carbon copy of windows installer is distributed among discord. It seems to very tedious as mentioned in the blog post that, there are tons of gamers using discord quite often and it could be shared via person to person. From my point of view, vulnerability in discord has always been possible from the beginning. Probably the server needs and the bots needs to be more secure about file sharing i.e putting on the restrictions would be an ideal way to do so.
This post is worth reading. This post can make us realize that hackers use malware to invade our computers and obtain our personal information through Discord. Due to a large number of users using discord, when users ignore the attack of malware and download software at will, there will be more opportunities for hackers to attack computers and steal information. I think Discord should identify and update regularly and intercept the spread of malware to protect users’ information. When we use it, we should download the software carefully for safety. Your suggestion is useful. It is very necessary to set a strong password. Thank you for sharing this post.
This post would help a lot of people to educate themselves to stay safe when using online platforms. I always use Discord when I play games with my friends and I also always made sure that I never got sidetracked and pressed on any links (that looked suspicious) that I did not need to access as well as not getting into any unknown servers. Although I never got scammed or hacked, one of my closest friends once did and that was through WhatsApp (even though not discord) and after that incident I always just made sure that I never got to be in his shoes, no matter what online platform I was on. To prevent any scams or any hacks, I would just advice users to just use Discord just to communicate with close friends and not pay attention to any links or servers that look malicious. Users should use these platforms strictly to do a certain task and then hop off once their job is done (to make sure that they are safe always).
Good Post! I personally use Discord a lot, and I’ve been using it for a long time (since close to its release date) and I’ve seen it greatly grow in popularity. Since it has become such a popular service, it only makes sense that attackers would target it, as any potential attacks could be launched against a broader audience. Something good to note, however, would be that Discord updates regularly and that the team behind it is dedicated to maintaining its security against malicious attacks (or so they’ve said numerous times in their update patch notes). As you mentioned it is impossible to prevent all forms of attack, but it is good to know that measures are being taken to reduce the frequency of attacks.
As Microsoft released the latest windows 11 system, many people have chosen to update the latest system. At this time, keeping the source of the source file official may be the most important thing. Otherwise, it is very likely that we will download and install malicious software on the computer without our knowledge.
I have been using discord for long so i know how famous it is. Specially after lock down for covid it’s got more famous and games use discord a lot. So it is understandable discord one of the target for malware virus.
Neat post! A lot of indie developers, and hobby software developers appear to be moving away from posting their work (intended for distribution) on sites like stackoverflow, and more onto sites like discord. In your opinion, do you think that this is a good thing or a bad thing? Sure you can always say that the downloader should have been more careful in choosing what to download, but is discord on the whole a trustworthy site to host downloadable files?
Great post! With the popularity of Discord today I can see why it is a target spot to spread virus and malware. I also believe our generation is often quicker to click or accept terms and links without reading because “it’ll take more time” which might be our downfall. I appreciate the tips you have provided!