- cross-posted to:
- technology@beehaw.org
- cross-posted to:
- technology@beehaw.org
“Attackers, Trellix wrote, use the platform’s webhooks to pull data from victims’ computers and drop it into Discord channels run by the attackers.”
“Attackers, Trellix wrote, use the platform’s webhooks to pull data from victims’ computers and drop it into Discord channels run by the attackers.”
This is… annoying. I get the intent for malware, but honestly it’s a BS reason. The content will just be uploaded elsewhere. But what this will do is drastically lower their storage cost under the guise of… not even user safety, more “slightly inconveniencing malware writers.”
Yes, it’ll be uploaded elsewhere. That’s the whole point.
Discord doesn’t want to host any of this data, they don’t want to be connected to criminal activity. It makes sense.
Also, while it might slightly lower their storage costs (if the hackers move elsewhere), if you send a file to someone, it’ll still stay on Discord’s servers. Only difference is the link to said file - it’ll only be valid for a day, and then you’ll have to use a new one (in a way that’s probably transparent to the user)
The goal here is to make it difficult to link to things uploaded to discord from outside of discord. The malware reason is BS. If they wanted to curb malware it would be as easy as making it a nitro feature. What that doesn’t fix is all the people piggybacking on discord as a free CDN.
Discord isn’t even wrong for doing this. I just resent their dishonesty.
Not sure rolling it into Nitro would be worth the effort, I’d consider that quite complex personally