back to article Never mind the trolls, Discord hosts 'significant volumes of malware' in its CDN

Sophos on Thursday warned that internet instant-chat service Discord is becoming an increasingly popular malware distribution channel. In a blog post, security sleuths Sean Gallagher and Andrew Brandt said four per cent of all TLS-protected malware – representing about 46 per cent of all malware command-and-control …

  1. Potemkine! Silver badge

    Credibility score: zero

    When I read a spokesman's answer, I see nothing else than a mix of lies and hot air.

    Never an admission they did it wrong. Never an admission they could do better. The standard practice is the one of criminals never confess.

    1. Lil Endian

      Re: Credibility score: zero

      Never an admission they could do better.

      "While Discord has some malware screening capabilities, many types of malicious content slip by without notice," they said.

      Well, up your game then. Sounds like you have some scope.

      1. Gene Cash Silver badge

        Re: Credibility score: zero

        > Well, up your game then. Sounds like you have some scope.

        Probably just a red dot, though...

        1. Lil Endian

          Re: Credibility score: zero

          No cross-hairs? Aaaaw.

  2. Lil Endian
    Thumb Down

    DC Phone Home

    That is a huge rise in malware - wow! GG Discord, not.

    I've hosted my own Mumble/TS3 for donkey's years.

    Earlier this year I left a community, or rather they left TS3, when they decided to go Discord (cos kewl). I told them I wouldn't follow and explained why (service not in 'our' control = not secure or guaranteed resilient etc. My work doesn't make an extra attack surface sensible). Of course I was scoffed at. So a gaming community of ~40 members, some of which are RL friends and I've played with for many years, upped and went.

    My first thought on starting to read the article: credential theft for the purpose of gold selling.

    Discord doesn't just phone home, you're in its house all the time. What could possibly go wrong?

    Ho hum.

  3. Captain Scarlet
    Coffee/keyboard

    Hosting executables

    Hosting any program is asking for trouble, can't expect AV to be able to detect everything.

  4. Claptrap314 Silver badge

    Are you hosting a website where the general public can sign up?

    Can they post arbitrary content?

    Then you have malware. And, as folks here constantly point out, signature files are not going to do a great job of finding it.

  5. EricB123

    Sounds Familiar

    This sounds like the new drug war. Probably will end about as successfully too.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021