November 4, 2023 at 02:02PM
Discord will implement temporary CDN links by the end of the year to prevent attackers from using its content delivery network for distributing malware. This change will not affect users who share content within the Discord client. Links to files uploaded to Discord servers will expire after 24 hours, improving security and preventing permanent file hosting on Discord’s CDN. Discord has been facing challenges in combating cybercrime activities on its platform, including the distribution of malware and data exfiltration. Reports show that thousands of malware operations have exploited Discord’s CDN URLs for malicious purposes.
Key Takeaways from the Meeting Notes:
– Discord will be switching to temporary CDN links for all users by the end of the year to prevent attackers from using its content delivery network for malware delivery.
– This change is aimed at creating a safer and more secure experience for users, allowing the safety team to restrict access to flagged content and reduce the distribution of malware through the CDN.
– Users who share content within the Discord client will not be impacted, as the links will be automatically refreshed. However, those hosting files on Discord are recommended to find a more suitable service.
– Developers may experience minimal impact, and Discord will be working closely with the community during the transition. More information will be shared with developers in the coming weeks.
– After the file hosting change rolls out, all links to files uploaded on Discord servers will expire after 24 hours. CDN URLs will include new parameters with expiration timestamps and unique signatures to prevent permanent file hosting on Discord’s CDN.
– While the parameters are being added to Discord links, their enforcement will come with the authentication changes that will be rolled out later this year.
– The new CDN URL parameters are ex, is, and hm, and they will ensure that links remain valid until the expiration timestamp.
– Discord’s move to implement temporary CDN links is a significant step in combating malware distribution and curbing cybercriminal activities on its platform.
– Malicious activities, often associated with financially motivated and state-backed hacking groups, have been prevalent on Discord servers, taking advantage of the platform’s permanent file hosting capabilities.
– The misuse of Discord’s CDN URLs has led to the distribution of various malware payloads, including RedLine stealer, Vidar, AgentTesla, zgRAT, and Raccoon stealer.
– Cybersecurity company Trellix’s report indicates that at least 10,000 malware operations have exploited Discord CDN URLs to deliver second-stage malicious payloads and steal sensitive information from compromised systems, such as credentials, browser cookies, and cryptocurrency wallets.