A Discord scam that turns legitimate links into malicious ones can potentially put users’ data, computers, and even crypto wallets at risk. Users should exercise extreme caution before clicking on any Discord links and inspect the invites carefully to ensure that they’re not about to expose their PC or mobile data.
Discord got its start as a simple communication platform for gaming, but it has since evolved, expanding to many more users and uses. Users can text, voice, and video chat, as well as stream their screens, among other things. Outside of directly adding friends on the service, most users find communities by clicking invites and joining the servers they lead to. However, even Discord links that were once legitimate can potentially pose a hazard.
As initially reported by Check Point Research, there are exploits that can be utilized to convert expired Discord links into working invites that bring users to illegitimate servers. Most Discord users are accustomed to joining servers that have rules or wait times before being allowed to post, and this exploit takes advantage of that expectation. When a user clicks on one of the links and is taken to the illegitimate server, they’re then asked to verify their account by clicking on another link. This link then asks the user to follow a series of steps, which involves downloading and running a malicious PowerShell script that ultimately downloads more malware to the user’s computer, which may then capture their screens, keylog anything entered, and even gain access to plugged-in webcams.
Related Posts:
How The Discord Invite Scam Makes Use of Legitimate Links
Unfortunately, the biggest difficulty with this scam is that many links that were once legitimate could potentially be repurposed to lead to a scam. According to Check Point Research, temporary Discord invites and custom vanity invite links, which are available to boosted Discord servers, can be utilized, so long as they’ve expired. Essentially, when a Discord invite naturally expires or a server loses its boost and access to its custom invite link, another person with a boosted server can then set up a custom invite link through Discord using one of the expired invites’ URLs. Any links to those invites remaining on the internet would then point to the new scam server, instead. In other words, nearly any expired Discord invite link that was once legitimate has the potential to become a hazard if a malicious user uses the same URL to point to their own Discord scam server.
Since the original report from Check Point Research, Discord has shut down the bot that was being utilized to support this scam. However, the link issue remains unresolved, and other bots may arise. Users should still be cautious while clicking on any Discord invites, and where possible, stick to official Discord servers.
