this post was submitted on 05 Nov 2023
81 points (100.0% liked)

Technology

37720 readers
29 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
top 18 comments
sorted by: hot top controversial new old
[–] RocketBoots@programming.dev 36 points 1 year ago* (last edited 1 year ago) (1 children)

This is a very sensible change. It's an open secret that discord has been leveraged by hackers for quite some time. You can even search Github and find examples where exfiltration of data is done via discord. Discord is not a file host and should not be used as such. I'm just glad they're doing it in such a way to minimize the impact on users and devs.

I don't know how much of a difference it will make.

It's easy to host files. Even if the malware "author" is clueless and just buying a customizable malware, either they'll figure out how to host files or file hosting will be provided along with the service they're buying.

It may not stop Discord from being the file host either. Malware distributing bot accounts could keep copying a new link to the file, or could upload a new version of the file on demand.

Discord can't expire webhooks the same way so webhooks will continue to be used for exfiltration. Pointing out that it's used for exfiltration as if it were related seems like bad reporting. It's a difficult problem because if they did break webhooks it'd only make things more difficult for legitimate users. These malware packages usually hijack the user's Discord installation and could send out the information as the user without using webhooks.

[–] Nighed@sffa.community 29 points 1 year ago (5 children)

It's not as bad as the title - read the TLDR.

It's a resonably sensible change. I wouldn't be surprised if they extend it to images etc (on a longer timescale) as I keep seeing people hosting images off discord...

[–] iso@lemy.lol 26 points 1 year ago (1 children)

I don’t understand people using Discord, Twitter or Facebook links to share images. MF it will expire in a day.

[–] DuckGuy@mander.xyz 11 points 1 year ago

Half the time when I click an image link hosted on Discord, it turns out to be a dead link. I hope this new policy will help make them dead-er so people can finally stop using them. Discord isn't Imgur, Jesus.

[–] i_am_not_a_robot@discuss.tchncs.de 1 points 1 year ago (1 children)

Images are files and are affected.

[–] Nighed@sffa.community 1 points 1 year ago* (last edited 1 year ago) (1 children)

I guess so, it depends how they are treating them though. Image files (probably) are not being used to distribute malware and are going to create a lot more dead links.

Is this change live? We could probably test it. (Re read the article - not yet)

It's been partially live for weeks. If you copy a link to a file, including images, the link has the new parameters on it.

load more comments (3 replies)
[–] autotldr@lemmings.world 9 points 1 year ago

🤖 I'm a bot that provides automatic summaries for articles:

Click here to see the summaryThe company told Bleeping Computer that doing so will help the company fight malware spreading on its platform since that gives it more ability to “restrict access to flagged content.”

According to the article, Discord says the change won’t affect anyone sharing content on the platform, as links within the client will be refreshed automatically.

However, links shared outside of Discord won’t work a day after they’re regenerated.

The company said that it will share more “in coming weeks” with developers, who “may see minimal impact.”

As Bleeping Computer notes, cybersecurity company Trellix reported it had “found around 10,000” malware samples distributed online that were stored on Discord’s content delivery network (CDN).

Attackers, Trellix wrote, use the platform’s webhooks to pull data from victims’ computers and drop it into Discord channels run by the attackers.


Saved 18% of original text.

[–] totallynotfbi@lemm.ee 4 points 1 year ago

I've looked around malware link scrapers (ex. URLhaus) before, and I recall seeing that a large portion of the malware links were hosted on Discord, especially trojans. Although it will break a lot of legitimate shared files, I respect them for fixing this security issue