Discord hosts 'significant volumes of malware' in its CDN


Level 85
Thread author
Top poster
Content Creator
Malware Hunter
Aug 17, 2014
Sophos on Thursday warned that internet instant-chat service Discord is becoming an increasingly popular malware distribution channel.

In a blog post, security sleuths Sean Gallagher and Andrew Brandt said four per cent of all TLS-protected malware – representing about 46 per cent of all malware command-and-control communication – interacts with Discord.

"Sophos products detected and blocked, just in the past two months, nearly 140 times the number of detections over the same period in 2020," they said.

Discord operates its own content delivery network (CDN) to allow users to upload and share files with one another, and because it provides an API for programmatic access to the service. Miscreants thus see the channel as a potential distribution opportunity and as a provider of free infrastructure.

"We observed significant volumes of malware hosted in Discord’s own CDN, as well as malware interacting with Discord APIs to send and receive data," said Gallagher and Brandt.