Cyber-criminals use VoIP services to infect gamers with malware
Since being released in March last year, Discord's popularity has increased especially among gamersThe growing popularity of VoIP messaging service Discord among gamers is attracting hackers, according to Symantec.
In a blog post, the company claims to have detected several Trojans in gaming chatrooms, specifically three types of malware; Nanocore, njRAT and SpyRAT.
Since being released in March last year, Discord's popularity has increased especially among gamers, given that it is free, simple, multi-platform, and innovative. As of July 2016, more than 11 million people have used it.
Using its chat feature, Discord's users can post messages and links, embed pictures and videos, and upload attachments. Most gamers' teams and guilds also use some chat channels as documentation boards, explained Symantec.
“Since the chat app allows members to upload most types of files, attackers can create a server and post or upload malicious attachments to the chat, then use it in a second-stage attack as a download site,” said Lionel Payet, threat intelligence officer at Symantec.
“Other attackers don't have to create a server of their own—they could simply manually post malware to a server they had been invited to, so they could bait other unwitting users into opening the threat.”
As well as the remote access Trojans mentioned earlier, Symantec has also found various info stealers, Trojan Horse malware samples, and downloaders hosted on Discord.
Payet said the majority of targets are from the gaming community. “The app does attract a large number of video-streamers as its technology allows for synergy, a mode that lets users hide sensitive information while streaming content such as gaming sessions,” he added.
The attackers behind the RATs and other malware may have distributed their threats on the service to steal sensitive information related to online gaming (credentials, items, in-game currency, and contacts) directly from the victim's computer.
“This data can be valuable to attackers just as much as other personally identifiable information (PII), such as user's bank account details, web service credentials, contact numbers, IP addresses, and biometric information. These could all be harvested by data thieves in the process,” said Payet.
Read more here: www.scmagazineuk.com/hackers-sow-discord-among-gamers/article/567340/