This is a red flag report. Cisco’s Talos team has found that cyber criminals are increasingly targeting the Discord and Slack chat platforms to carry out their attacks. This choice is not due to chance and these two services have seen very significant growth since the beginning of the pandemic.
Specifically, the researchers found that none of the techniques used exploited a security gap in these platforms. They just take advantage of the existing features and the trust the users have in them. This is especially the case with link sharing, which is the bulk of the threats.
Malicious actors adapt to current events
In detail, Slack and Discord allow files to be uploaded to their servers and links to that data to be created externally. This is exactly how hackers succeed in distributing certain malware, including LimeRAT or Phoenix Keylogger.
To cope with threats, platforms will likely need to put in place new security measures and potentially tighter access controls. The use of a customized antivirus solution also remains essential as users are made aware of the risks they are taking.
It should also be noted that the use of telework is a real cybersecurity challenge. The British think tank Royal United Services Institute recently took an interest in the phenomenon of ransomware, which has been on the rise since the beginning of the crisis. According to them, working remotely doesn’t help. It has indeed helped malicious actors gain a foothold on corporate networks. Phishing is widespread and makes it possible to catch employees who are increasingly dependent on electronic communication with their colleagues.
As is so often the case, cyber criminals intelligently adapt to the news. Such is the case with these hackers, which were discovered by the Check Point company last year. They pretended to be job seekers by sending out fake resumes emails that were actually malware.
Bitdefender Plus Antivirus