Discord is the go-to chat app for gamers everywhere, handling everything from voice and video to screen sharing and custom servers. But here’s the twist: security researchers recently uncovered that old or expired Discord invite links are being twisted into traps for phishing attacks. Those innocent-looking invites might lead you into some nasty malware setups.
A Check Point Research report covered by TechRadar explains how attackers hijack these old invites and redirect new users to malicious servers. At first glance, the verification screen looks legit, just like when you join any new Discord server, so it might not raise alarms immediately.
Things get messy once you authorize the bot on that fake verification prompt. That action kicks off an “authentication flow,” funneling you to a phishing site that can seriously compromise your PC. It’s a classic multi-stage attack: the kind of thing that nobody wants to experience firsthand.
Discord responded quickly and disabled the malicious bot involved in the campaign, which helped stop the current attack chain. However, the bigger problem remains because attackers could spin up new bots or use other tricks with the same approach.
Interestingly, this isn’t just about Discord invites. The same threat actors also run a campaign using pirated DLC for The Sims 4. They use a similar loader framework with payloads like AsyncRAT and a variant of Skuld Stealer, which are designed to snatch credentials and cryptocurrency wallet data. They especially target wallets like Exodus and Atomic by injecting malicious JavaScript that steals seed phrases and passwords through Discord webhooks.
Once infected, victims face persistent malware. AsyncRAT keeps reinstalling itself even if you try to remove it, keeping attackers in remote control of your system. Yikes!
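For defenders, the webhook exfiltration described above leaves a recognizable network trace: an HTTP POST to a Discord webhook endpoint from a process that has no reason to send one. The following is an added example, not code from Check Point's report or from Discord. It assumes a proxy or endpoint log that records full URLs in a hypothetical five-field format, and all log lines, host names and process names are constructed.

```python
import re
from urllib.parse import urlsplit

# Hosts that serve the Discord API (stable, legacy, and the ptb/canary builds).
DISCORD_HOSTS = {"discord.com", "discordapp.com", "ptb.discord.com", "canary.discord.com"}
# /api/webhooks/<numeric id>/<token>, optionally with a version segment (/api/v10/...).
WEBHOOK_PATH = re.compile(r"^/api/(?:v\d+/)?webhooks/(\d+)/([A-Za-z0-9_-]+)/?$")

# Constructed sample lines in an assumed export format:
# timestamp host process method url
SAMPLE_LOG = """\
2025-01-01T10:00:01Z ws-014 Discord.exe GET https://discord.com/api/v9/users/@me
2025-01-01T10:00:07Z ws-014 wallet-helper.exe POST https://discord.com/api/webhooks/123456789012345678/EXAMPLE-token_AAAA
2025-01-01T10:01:30Z ws-022 chrome.exe GET https://discord.com/invite/example
2025-01-01T10:02:11Z ws-022 updater.exe POST https://DiscordApp.com/api/v10/webhooks/987654321098765432/EXAMPLE-token_BBBB?wait=true
2025-01-01T10:03:00Z ci-01 notify-bot POST https://discord.com/api/webhooks/111111111111111111/EXAMPLE-token_CCCC
truncated entry
"""

def find_webhook_posts(log_text, allowed=frozenset()):
    """Return alerts for POSTs to Discord webhook endpoints.

    `allowed` holds (host, process) pairs known to send webhook messages
    legitimately, e.g. a CI notifier. Tokens are redacted in the output
    so the alert itself does not leak a usable webhook secret.
    """
    alerts = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # skip lines that do not match the assumed format
        ts, host, process, method, url = fields
        parts = urlsplit(url)
        hostname = (parts.hostname or "").lower()
        if method.upper() != "POST" or hostname not in DISCORD_HOSTS:
            continue
        match = WEBHOOK_PATH.match(parts.path)
        if not match or (host, process) in allowed:
            continue
        alerts.append({
            "time": ts, "host": host, "process": process,
            "webhook_id": match.group(1),
            "url": f"https://{hostname}/api/webhooks/{match.group(1)}/<redacted>",
        })
    return alerts

if __name__ == "__main__":
    for alert in find_webhook_posts(SAMPLE_LOG, allowed={("ci-01", "notify-bot")}):
        print(alert)
```

The `webhook_id` in each alert is useful for grouping hits across hosts, since every infected machine in one campaign would post to the same webhook.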
I’m not a cybersecurity expert, but after years of dealing with computers, I know this much: if you see something that asks you to open a command prompt or authorize unknown bots, just pause. Seriously, don’t run anything you don’t fully trust or understand. When you hit a suspicious screen like that, close the window immediately and go outside for a bit if you have to. It might sound dramatic, but it’s a simple way to save yourself a lot of trouble.
It’s kinda scary how clever these hackers get, right? But it makes me wonder: how many people have already been caught off guard by this? And what’s next for Discord’s security? I’ll keep an eye out for any updates from Discord themselves.