Geeks for your information News Privacy & Security News v
Attackers Blowing Up Discord, Slack with Malware
Attackers Blowing Up Discord, Slack with Malware
silversurfer Offline
Staff Member
******
Posts: 3,885
Threads: 3,283
Thanks Received: 5,065 in 3,838 posts
Thanks Given: 6,200
Joined: 12 September 18
#1
Information  11 April 21, 11:48
Quote:Workflow and collaboration tools like Slack and Discord have been infiltrated by threat actors, who are abusing their legitimate functions to evade security and deliver info-stealers, remote-access trojans (RATs) and other malware.
 
The pandemic-induced shift to remote work drove business processes onto these collaboration platforms in 2020, and predictably, 2021 has ushered in a new level cybercriminal expertise in attacking them.
Cisco’s Talos cybersecurity team said in a report on collaboration app abuse this week that during the past year threat actors have increasingly used apps like Discord and Slack to trick users into opening malicious attachments and deploy various RATs and stealers, including Agent Tesla, AsyncRAT, Formbook and others.
 
“One of the key challenges associated with malware delivery is making sure that the files, domains or systems don’t get taken down or blocked,” Talos researchers explained in their report. “By leveraging these chat applications that are likely allowed, they are removing several of those hurdles and greatly increase the likelihood that the attachment reaches the end user.”
 
The researchers explained that Slack, Discord and other collaboration app platforms use content delivery networks (CDNs) to store the files shared back and forth within channels. As an example, Talos uses the Discord CDN, which is accessible by a hardcoded CDN URL from anywhere, by anyone on the internet.
 
“This functionality is not specific to Discord. Other collaboration platforms like Slack have similar features,” Talos reported. “Files can be uploaded to Slack, and users can create external links that allow the files to be accessed, regardless of whether the recipient even has Slack installed.”
 
The trick, the team said, is to get users to click on a malicious link. Once it has evaded detection by security, it’s just a matter of getting the employee to think it’s a genuine business communication, a task made easier within the confines of a collaboration app channel.

Read more: Attackers Blowing Up Discord, Slack with Malware | Threatpost
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
Malwarebytes 5.2.10.182
Malwarebytes 5.2.1...Mohammad.Poorya — 16:46
Microsoft Defender Antivirus security in...
Microsoft Defender...harlan4096 — 13:44
AnyDesk 6.4.3 for Linux
AnyDesk 6.4.3 for ...harlan4096 — 09:51
AnyDesk 9.5.0 for Windows
AnyDesk 9.5.0 for ...harlan4096 — 09:51
Notepad++ v8.7.9 released 2025-04-02
Notepad++ v8.7.9 r...harlan4096 — 09:49

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
avatar (44)wapedDow
avatar (48)oapedDow
avatar (41)Sanchowogy
avatar (45)MeighGoask
avatar (46)creatralGuelm
avatar (37)procnipsut
avatar (43)accenwibly
avatar (40)ahyvily
avatar (37)urumahiz
avatar (43)techlignub
avatar (42)Stevenmam
avatar (49)onlinbah
avatar (49)fuspeukChark
avatar (43)werriewWaiNg
avatar (37)Freemanleo
avatar (42)cdoubapKit
avatar (37)lystraPonia
avatar (30)smith8395john
avatar (50)steakelask
avatar (44)Termoplenka
avatar (42)bycoPaist
avatar (48)pieloKat
avatar (42)ilyagNeexy
avatar (50)donitascene
avatar (50)burntLaw
avatar (40)MrDoorsskibheeds
avatar (50)Toligo
avatar (45)Rodneykak
avatar (48)tradeSmode
avatar (38)vemedProkbior
avatar (37)RobertUtelt
avatar (45)JamesZic
avatar (42)Sanfordbup
avatar (37)Der.Reisende

[-]
Online Staff
There are no staff members currently online.

>