Amid the lockdown due to COVID-19 pandemic, when people were
compelled to stay at home and maintain social distancing, there was a
rapid rise in online gaming. Eventually, the rate of cyberattacks targeting
online gamers also increased with attackers using spam emails and
legitimate-looking links to gaming software to serve up Epsilon
ransomware, the XMRrig cryptominer and various data and token
stealers.
Security researchers have detected several campaigns where attackers
have leveraged Discord platform by planting malicious files inside the
platform and tricked the gamers into downloading malware-laced files.
Discord group-chatting platform was originally built for gamers but later it
evolved to be a virtual platform for socializing that supports voice, video,
or text thereby allowing all to interact within created communities. The
app is mostly used by gamers for creating communities on the web,
called “servers,” either as standalone forums or as part of another
website.
Researchers have observed that these Discord attacks are initiated by
spam emails in which users are tricked with legitimate-looking templates
into downloading next-stage payloads. The attack vector uses Discord
services to form a URL to host a malicious payload. Malicious files are
renamed as pirated software or gaming software to trick gamers.
Additionally, the file icons are also related to gaming software to trick
gamers.
Attackers used Discord App to target Online Gamers
RELATED ARTICLES
Recent Comments
CamPhish
on