There has been a 60 per cent increase in ransomware attacks against Australian entities in the past year, according to the government's cyber security agency, the ACSC. Apr 7, 2021 8:00 AM Hackers Are Exploiting Discord and Slack Links to Serve Up Malware Beware of links from platforms that got big during quarantine. In the second quarter, we detected 17,000 unique URLs in Discord's CDN pointing to malware. The WEF, Russia's Sberbank, and its cybersecurity subsidiary BIZONE announced in February that a new cyberattack simulation would occur July 9, 2021. The contents of this archive included 11 ELF binaries, 7 text files (containing long lists of IP addresses), and a Python script that executes them in various sequences. Other collaboration platforms like Slack have similar features, Talos reported. However, there are some things I want to clarify. It's not. Social media has turned into a playground for cyber-criminals. Discord needs to clean up its act before more people get hurt! While it would be impractical to list off the full set of static and behavioral detections that these files might trigger if executed on a protected machine, we can safely say that the full set of files has been processed by the Labs team, who ensured that our existing defenses could block any of these from causing damage. I'm not 100% sure, but I heard that tomorrow is a cyber attack event, on all social media platforms including discord there will be people trying to send you gore, extreme profanity, porn, racist slurs, and there will also be ip grabbers, hackers and doxxers. The 10 Biggest Cyber And Ransomware Attacks Of 2021 Michael Novinson December 23, 2021, 03:35 PM EST Technology, food production and critical infrastructure firms were hit with nearly $320. (You're not wrong) I mean what I didn't say anything.
It does not matter if it is real or not, the important thing is that everyone be careful with this delicate subject. And even for malware not hosted on Discord, the Discord API is fertile ground for malicious command and control network capability that conceals itself in Discord's TLS-protected network traffic (as well as behind the service's reputation). In another campaign using AsyncRAT, the malware downloader looked like a blank Microsoft document, but when opened used macros to deliver the bug. Unfortunately, 2021 was no stranger to these instances. Please pass this on to any servers that you own or have admin perms and can server ping in to spread awareness. We also encountered several ransomware families hosted in the Discord CDN, largely older ones, usable only to cause harm, as there's no longer a way to pay the ransom. Because so many of the files had been there for months, the destination servers did not respond, but we could observe the profiling data being written to the hard drive. CDNs are also handy tools for cybercriminals to deliver additional bugs with multi-stage infection tactics. One of the samples drops a batch script that attempts to delete registry keys and terminate the processes or services of dozens of endpoint security tools. The largest cybersecurity ETF (CIBR) jumped 25% over the next six months: Source: RiskHedge This wasn't the first time a major hack sent cyber.
That's what you guys need to know. In addition to message and stream routing, Discord also acts as a content delivery network for digital content of all types. Discord gets revenue from premium services delivered through the platform, including server boosts that allow groups to increase the performance of their server instances' live streaming and voice chat and add custom features. Part IV Increased social engineering attacks. But the primary responsibility to put more security in place is on the platforms themselves, according to Oliver Tavakoli, CTO of Vectra. Stay safe from these scams as they occur more often. In many cases, Cisco found, those files are malicious; the researchers list nine recent remote-access spy tools that hackers have tried to install in this fashion, including Agent Tesla, LimeRAT, and Phoenix Keylogger. At least one in eight major corporations will have security breaches due to social media hackers in the coming new year. I have been warning people away from Discord as well. And spread awareness to who spreads the Pridefall attack message. With a 1,070 percent increase in ransomware attacks year-over-year between July 2020 and June 2021, staying on top of attack trends, such as ransomware and supply chain threats, is more important than ever.
It's fake, the discord staff and developers etc will do an announcement about It because CBs are really dangerous so ofc they will do an announcement about It so It's fake. romanian here, it actually translates to virus, because you're a dumbass. At the time of writing, Discord does not implement client verification to prevent impersonation by way of a stolen access token, according to Talos. Since 2007 Russia has been responsible for more than 15 cyber attacks worldwide including in countries across Europe, Asia, and the USA. Some of the stealers attempted to download a malicious Visual Basic Script file directly from Github or from Pastebin. The installer actually does deliver a full version of the ubiquitous creative block-building game, but with a twist. When WIRED reached out to Discord and Slack, a Discord spokesperson said that the company does proactively scan for malware in files that are hosted on its platform, takes down any hosted malware that's reported to it by users or security researchers, and seeks to identify groups of users who are abusing its tools for cybercriminal purposes. The solutions, much like the threats themselves, need to be multi-faceted, according to experts. (Side note: I copied this announcement to spread the word. I advise no one to accept any friend requests from people you don't know, stay safe. While there were too many incidents to choose from, here is a list of . Some of these token stealer malware include the victim's avatar graphic, and their public-facing IP address, which they retrieved using services like ifconfig.me, ipify.org, iplogger.com, or wtfismyip.com.
The World Economic Forum (WEF) will stage a 'cyber attack exercise' in July, it has been revealed, as the group prepares for what it describes as 'the potential for a cyber pandemic'. The Python script's internal comments indicate that it was designed to attack servers hosted on two platforms: Amazon's AWS, and NFO Servers (a service that hosts private game servers for MineCraft, Counter Strike, Battlefield, Medal of Honor and other multiplayer games). The ACSC Annual Cyber Threat Report 2019-20 is accessible via the website. The pandemic-induced shift to remote work drove business processes onto these collaboration platforms in 2020, and predictably, 2021 has ushered in a new level of cybercriminal expertise in attacking them. It also makes it an ideal platform for abuse by malicious actors. The versatility and accessibility of Discord webhooks makes them a clear choice for some threat actors, according to the analysis: With merely a few stolen access tokens, an attacker can employ a truly effective malware campaign infrastructure with very little effort. As a result, users may respond too quickly or share information across communication tools without much thought, leading to diminished security and the escalation of a potential threat. The trick, the team said, is to get users to click on a malicious link. Russia maintains one of the world's most . Hunting through telemetry, we found 58 unique malicious apps that can be run on Android devices. The message goes like this: "Bad news, today is Pridefall which is a cyber-attack event, on all social media platforms including discord there will be people trying to send you gore, extreme profanity, p*rn, racist slurs, and there will also be IP grabbers, hackers, and doxxers. CISOs may consider implementing additional layers of security within systems. In April, we reported over 9,500 unique URLs hosting malware on Discord's CDN to Discord representatives.
These have been disclosed to Discord, and the majority of them have since been removed; however, new malware continues to be posted into Discord's CDN, and we continue to find malware using Discord as a command and control network. Slack says it's also working on more malware protection and link-scanning tools that will roll out this spring. You may never get hacked by accepting a request. Use my tips. Imagine a Place where you can belong to a school club, a gaming group, or a worldwide art community. One Discord network search turned up 20,000 virus results, researchers found. Type of Attack: Wiper malware. @everyone Please listen to the instructions in this message : it is not written by me, but this is a very real threat. Hope everyone is safe. I can't confirm they're real cause it might just be someone tagging along? To mitigate the risks, more focus on least privilege is needed, as it's still too common for users to run with local admin rights. Email and office applications provide a number of hardened settings to combat malware and phishing; however, not enough organizations make use of them. While a few of the files generated codes that resemble those used to upgrade a standard Discord account to the Discord Nitro version, most did not. WASHINGTON - A ransomware attack paralyzed the networks of at least 200 U.S. companies on Friday, according to a cybersecurity researcher whose company was responding to the incident. "Over the last several months we've seen tens of thousands, and the rate has been steadily increasing," says Biasini. Disguised as a mod with special features called Saint, the Minecraft installer bundled a Java application that was capable of capturing keystrokes and screenshots from the target's system, as well as images from the camera on the infected computer.
The attackers achieved persistence through the creation of registry run entries to invoke the malware following system restarts. "Bad news, today is pridefall which is a cyber attack event, on all social media platforms including discord there will be people trying to send you gore, extreme profanity, p*rn, racist slurs, and there will also be ip grabbers hackers and doxxers. Even if you don't have a Discord user in your home or office, abuse of Discord by malware operators poses a threat. The official 'Among Us Cafe' was hacked this morning and shit got out of control!! You have nothing to be afraid of in case you saw the message. As a company owner, you should keep a check and ensure that there are regular backups of the business data. April 12, 2021 EXECUTIVE SUMMARY: At least one Discord network search turned up 20,000 virus results, some researchers found. Oct 23, 2020. This reminds me of the Instagram hoax where it's some crap that goes like "instagram is deleting accounts on old servers, post this to keep your account saved" or whatever. These include .ACE, .GZ, .TAR and .ZIP, along with less commonly seen kinds, such as .LZH. The functionalities that make it easy to hack into a collaboration platform aren't unique to Discord or Slack. Since Colonial Pipeline is a significant fuel provider, this ransomware attack seriously impacted petroleum, diesel, and jet fuel supplies across the East Coast of America. The versatility and accessibility of Discord webhooks makes them a clear choice for some threat actors, states the report.
Instead, they simply take advantage of some little-examined features of those collaboration platforms, along with their ubiquity and the trust that both users and systems administrators have come to place in them. Pfp was a pride flag with a big red x on it and they spammed something along the lines of Lgbtq people are sinners and should die. Russian Cyber Attacks - Detailed Statistics & History (Explained) in Cyber Security News Published: February 28, 2022. I wish you all safety. Hackers have also used the technique to plant malware that steals Discord authentication tokens from victims' computers, allowing the hacker to impersonate them on Discord, spreading more malicious Discord links while using a victim's account to cover their tracks.