You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Every Friday
GamesRadar+
Your weekly update on everything you could ever want to know about the games you already love, games we know you're going to love in the near future, and tales from the communities that surround them.
Every Thursday
GTA 6 O'clock
Our special GTA 6 newsletter, with breaking news, insider info, and rumor analysis from the award-winning GTA 6 O'clock experts.
Every Friday
Knowledge
From the creators of Edge: A weekly videogame industry newsletter with analysis from expert writers, guidance from professionals, and insight into what's on the horizon.
Every Thursday
The Setup
Hardware nerds unite, sign up to our free tech newsletter for a weekly digest of the hottest new tech, the latest gadgets on the test bench, and much more.
Every Wednesday
Switch 2 Spotlight
Sign up to our new Switch 2 newsletter, where we bring you the latest talking points on Nintendo's new console each week, bring you up to date on the news, and recommend what games to play.
Every Saturday
The Watchlist
Subscribe for a weekly digest of the movie and TV news that matters, direct to your inbox. From first-look trailers, interviews, reviews and explainers, we've got you covered.
Once a month
SFX
Get sneak previews, exclusive competitions and details of special events each month!
A few weeks back, leading cybersecurity company Sophos issued a warning that Discord is becoming an increasingly common target for hackers. The vicious few pushing out malware tend to target users of successful online services, and considering Discord's 140 million plus active users—with over 300 million registered to date—that makes the chat software a pretty juicy target.
Sophos notes the number of malware detections over the past couple of months has grown by almost 140 times what it was for the same period last year. And part of that problem comes down to how Discord files are stored in the cloud.
"Once files are uploaded to Discord, they can persist indefinitely unless reported or deleted," the report says.
In its research into the types of malware that litter the Discord cloud storage, Sophos found a bunch of game cheating tools. Some were meant to exploit Discord integration protocols in order to crash an opponent's game, and some were advertised as 'enhancements' meant to unlock paid content, keys and bypasses. The catch is that only a few were found to contain the intended cheating software, most were actually some form of credential theft masquerading as such.
Best gaming motherboard: the best boards around
Best AMD motherboard: your new Ryzen's new home
Among the cheat-bait, other nasties slink by undetected: password-hijacking malware families, spyware, fake android apps meant to nab financial info or intercept transactions. Even chat bot API exploiting malware that vies for control of channels, and some that extract stolen information only to post it into private servers.
The most common focus for Discord malware is the theft of user's personal information, using stealer malware and remote access Trojans (RATs) to do their dirty work.
Sophos explains, "The threat actors behind these operations employed social engineering to spread credential-stealing malware, then use the victims’ harvested Discord credentials to target additional Discord users."
So, while Discord does have a few tricks up its sleeve to combat malware, it cannot protect against human complacency.
Harmful files can go unreported for months, and pose a serious threat to other users. If you don't want to be an accessory to the fact, don't hesitate to pull up something that's out of place to a moderator. And of course, no matter who sends it, think twice before clicking that link that just popped up on your favourite server.
