Cybercriminals are using messaging apps to deliver malware

Image by inkdrop via Freepik

Cybercriminals have started to use messaging apps like Discord and Telegram to spread malware. Used in conjunction with information stealers, cybercriminals have found ways to use these platforms to host, distribute, and execute various functions that ultimately allow them to steal credentials or other information from unsuspecting users, Intel 471 research shows.

Intel 471 researchers have discovered several information stealers that are freely available for download that rely on Discord or Telegram for their functionality. The stealers can pilfer all types of information, including autofill data, bookmarks, browser cookies, credentials from virtual private network (VPN) clients, payment card information, cryptocurrency wallets, operating system information, passwords, and Microsoft Windows product keys.

Intel 471 researchers have also observed threat actors abusing the cloud infrastructure used by messaging apps to support malware-spreading campaigns. Many threat actors currently use Discord’s content delivery network (CDN) to host malware payloads.

For more information, visit intel471.com.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.