Cyber-security researchers have discovered a new malware that is distributed over the popular chatting platform Discord which has more than 300 million active users.

The team from CyberArk Labs spotted the malware called Vare which uses Discord’s infrastructure as a backbone for its operations.

This malware is linked to a new group called ‘Kurdistan 4455’ based out of southern Turkey and is still early in its forming stage, according to security researchers.

The cyber-security firm contacted Discord and notified their support team of the different ways attackers misuse Discord’s features, and of the new malware group.

“However, despite our numerous attempts we did not get a definitive response from Discord,” they said in a blog post.

The origins of malware on the platform can be traced back to the introduction of Discord Nitro. For a monthly fee, Nitro allows users to send larger files and longer messages, have higher quality video streaming, and much more.

Buy Me A Coffee

The malware group ‘Kurdistan 4455’ has adopted past methods for its own benefit, targeting other malware groups instead of users, reaping their success with minimal effort.

Vare is malware written in Python. It is an info stealer that uses Discord both as a data exfiltration infrastructure and a target to steal from.

The security researchers scanned and analyzed 2,390 of GitHub’s public repositories related to Discord malware.

They found 44.5 percent of repositories are written in Python and are standalone malware.

READ
Vietnamese Hackers Fuelling WhatsApp e-challan Scam in India: Report

About 20.5 percent of repositories (second in popularity) are written in JavaScript and these repositories mainly take the approach of injecting into Discord.

“Vare is a perfect case of how publicly available repositories are being used to help arm cybercrime groups and how attackers can leverage Discord’s infrastructure maliciously,” said the report.

With Discord being such a popular platform among corporate developers, these developers could potentially put their organizations at risk if the malware is able to infect their endpoints.