Cybercriminals are using messaging apps to deliver malware

Image by inkdrop via Freepik

Cybercriminals have started to use messaging apps like Discord and Telegram to spread malware. Used in conjunction with information stealers, cybercriminals have found ways to use these platforms to host, distribute, and execute various functions that ultimately allow them to steal credentials or other information from unsuspecting users, Intel 471 research shows.

Intel 471 researchers have discovered several information stealers that are freely available for download that rely on Discord or Telegram for their functionality. The stealers can pilfer all types of information, including autofill data, bookmarks, browser cookies, credentials from virtual private network (VPN) clients, payment card information, cryptocurrency wallets, operating system information, passwords, and Microsoft Windows product keys.

Intel 471 researchers have also observed threat actors abusing the cloud infrastructure used by messaging apps to support malware-spreading campaigns. Many threat actors currently use Discord’s content delivery network (CDN) to host malware payloads.

For more information, visit intel471.com.

Situational awareness should be at the forefront of your security program. It can mean the difference between life and death in a workplace emergency.

Security’s digital transformation is now entering stage 5. Complex security technologies are connected to HR systems, global security operations centers, and other building technologies in a world where employees now work in two places: home and the corporate office.