
Exploiting Discord in critical infrastructure threats

An insidious trend: the growing use of Discord as a tool to attack critical infrastructure

New findings show that state-run hacker groups are using Discord to attack critical infrastructure, exploiting its content delivery network and stealing sensitive data via webhooks. Loaders such as SmokeLoader and PrivateLoader download malicious payloads from Discord's CDN.

More and more criminals are abusing legitimate infrastructure for nefarious purposes. New findings show how state-run hacker groups have entered the field using social platforms to target critical infrastructure.

The risks of using Discord in such attacks

In recent years, Discord has become a lucrative target for attackers: its content delivery network (CDN) serves as a breeding ground for malware, and its webhooks allow attackers to steal sensitive data from the app.

A case of attack on Ukrainian critical infrastructure

However, this appears to be changing, as the cybersecurity firm has found evidence of an artifact targeting Ukrainian critical infrastructure, although there is currently no evidence linking it to a known threat group.

Malware infiltration of Discord communications

The analysis results revealed that loaders such as SmokeLoader, PrivateLoader and GuLoader are among the most popular malware families using Discord's CDN to download next-stage payloads, including stealers such as RedLine, Vidar, Agent Tesla and Umbral.
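For defenders, the two behaviours described above (payload downloads from Discord's CDN and data leaving via webhooks) can be hunted in web proxy logs. The following is an added example, not part of the original article: the log format, host names, process names and the client allowlist are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# Constructed proxy log lines (assumed format): "<host> <method> <url> <process>"
SAMPLE_LOG = """\
ws-014 GET https://cdn.discordapp.com/attachments/111/222/invoice.exe powershell.exe
ws-014 POST https://discord.com/api/webhooks/333/EXAMPLE-TOKEN svchost_upd.exe
ws-020 GET https://cdn.discordapp.com/attachments/444/555/screenshot.png Discord.exe
ws-020 POST https://discord.com/api/v9/channels/666/messages Discord.exe
ws-031 GET https://cdn.discordapp.com/attachments/777/888/update.zip?ex=1 rundll32.exe
"""

CDN_HOSTS = {"cdn.discordapp.com"}
API_HOSTS = {"discord.com", "discordapp.com"}
# File types that a loader would plausibly fetch as a next-stage payload
RISKY_EXT = re.compile(r"\.(exe|dll|scr|msi|bat|ps1|vbs|js|hta|zip|rar|7z|iso)$", re.I)
WEBHOOK_PATH = re.compile(r"^/api/(v\d+/)?webhooks/", re.I)
DISCORD_CLIENTS = {"discord.exe"}  # assumed allowlist of legitimate client binaries


def classify(line):
    """Return (host, rule, url) if the log line matches a rule, else None."""
    parts = line.split()
    if len(parts) != 4:
        return None  # skip malformed lines rather than guessing at fields
    host, method, url, process = parts
    u = urlsplit(url)
    dest = (u.hostname or "").lower()
    from_client = process.lower() in DISCORD_CLIENTS
    # Rule 1: executable or archive pulled from the CDN (query string is ignored)
    if dest in CDN_HOSTS and method == "GET" and RISKY_EXT.search(u.path):
        return (host, "cdn-executable-download", url)
    # Rule 2: webhook POST issued by something other than the Discord client
    if dest in API_HOSTS and method == "POST" and WEBHOOK_PATH.match(u.path) and not from_client:
        return (host, "webhook-post-non-client", url)
    return None


def scan(log_text):
    """Classify every line and keep only the findings."""
    return [f for f in map(classify, log_text.splitlines()) if f]


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(*finding, sep="\t")
```

On hosts where Discord has no business use, any traffic to these domains is worth reviewing, and the allowlist can be left empty.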


10/17/2023 16:57

Marco Verro
