Discord changes specifications to ``link breaks in 24 hours'' to reduce malware distribution via CDN



Communication service Discord has announced that it will change its system to a system where all links to files uploaded to Discord servers will expire after 24 hours to prevent the spread of malware via

content delivery networks (CDNs). did. The new system is expected to be implemented by the end of 2023.

Discord will switch to temporary file links to block malware delivery
https://www.bleepingcomputer.com/news/security/discord-will-switch-to-temporary-file-links-to-block-malware-delivery/



Discord file links will expire after a day to fight malware - The Verge

https://www.theverge.com/2023/11/4/23946640/discord-file-links-will-expire-after-a-day-to-fight-malware



According to Discord, all file links uploaded to the server will expire in 24 hours after changes to the file hosting system are scheduled for the end of 2023. Therefore, after the expiration date, the linked destination will no longer be accessible. Specifically, the URL of a file uploaded to Discord will now include a timestamp indicating an expiration date and a parameter to add a unique signature that will remain valid until the link expires. Also, if you want to access the file after the expiration date, you will need to generate a new link.

Discord said, ``This switch in the link system is an effort to address concerns that malware is being spread via CDNs, leading to cybercrime.As a result of this initiative, access to flagged content will be restricted. 'This will help combat the spread of malware on the platform.'

On the other hand, Discord said of the change, ``This system change will automatically update links within the client, so it won't impact many users, especially those who prefer to share content through the Discord client.'' It should be minimal.” In addition, Discord says, ``If you are using Discord to host files, we recommend finding a more suitable service other than Discord.''



Cybersecurity company Trellix reports that ``approximately 10,000 malware samples have been found on Discord's CDN,'' and that ``attackers are using the platform's webhooks to access malware victims' computers and private individuals. They acquire information and other data, and then leak it to a Discord channel run by the attacker.''

Bleeping Computer, an overseas media outlet, said, ``Discord's previous system was easy to abuse, including distributing malware and leaking data.'' Despite the problem becoming more widespread in recent years, Discord has become a hotbed for cybercriminals. 'We have had difficulty implementing measures to prevent and address the issue from exploiting the platform.'

Discord says, 'This change will have minimal impact on Discord developers, and we are working closely with the community on the change. This change will roll out in the second half of 2023. We will share further information with developers in the coming weeks.'

in Web Service, Posted by log1r_ut