Discord recently announced a significant step in advancing security measures on their platform. By the close of this year, the company plans to implement a new system where file links will start to refresh every 24 hours. Discord, a platform that services millions of active users daily, sees this change as a way to bolster cybersecurity and mitigate the spread of damaging malware.
Evolving Anti-Malware Approach
Discord told Bleeping Computer that this would augment their existing anti-malware actions, as frequent refreshing offers an additional way to restrict access to content that has been flagged as problematic. By frequently refreshing and modifying link identifiers, at a daily interval, malicious users will have fewer opportunities to exploit these links for distributing harmful programs.
Notably, Discord's internal operations will not be affected. Any link that is shared directly on the platform will automatically be renewed on a 24-hour cycle, maintaining seamless access for legitimate users.
The Impact on External Sharing
However, this approach poses potential complications for sharing outside of Discord's closed ecosystem. Links, once refreshed, would not continue to function past the 24-hour regenerative cycle when shared externally. This development emphasizes Discord's message that their platform should not be considered a durable hosting service.
It is noteworthy that the company plans to work with developers in the coming weeks. They foresee that this update may cause minimal disruption but will work closely with their network to ensure the smooth transition of services.
Malware: A Growing Threat on Discord
Discord's new policy is timely, especially considering recent findings from cybersecurity company Trellix. Approximately 10,000 malware samples were identified, linked to Discord's content delivery network (CDN). These harmful programs were deployed through the platform's webhooks, a functionality designed for automated data pull to Discord channels. Here, attackers manipulated the feature, drawing data from victims' devices and funneling it into channels they control.
This move to expire links after 24 hours marks Discord's proactive approach to stymie any further exploitation of its platform. As security threats continue to evolve in the digital realm, Discord's decision to put this measure in place increases user protection and ensures a safer digital interaction environment.
Discord's Growing Relationship with Microsoft
Last July, Microsoft announced a partnership with Discord to bring the latter's massively popular voice chat product to Xbox consoles. In September the integration went live, but is for some reason a complex process for something that should be simple. In August, the two companies combined to bring Xbox game streaming directly to Discord.