In a report, Sophos revealed that Discord’s own content delivery network is hosting malware. These malicious pieces of code often target Discord accounts to steal passwords, personal information and to take over Discord chatbots. At least 1,800 malicious files have been analyzed by Sophos on the Discord CDN.
The platform’s application programming interface (API) is also being targeted by malware, allowing cybercriminals to conduct unscrupulous activities while remaining undetected under Discord’s transport layer security.
Sophos has alerted Discord of malware being hosted on its servers, with the latter taking down most but not all identified malicious files.
To Discord users, Sophos recommends installing a security solution. If you’re running a Discord server, avoid sharing tools and apps of unknown origin.