Cisco s Talos cybersecurity team said in a report on collaboration app abuse this week that threat actors have increasingly used apps like Slack and Discord to trick users into opening malicious attachments. The trick, the team said, is to get users to click on a malicious link to open malicious attachments and deploy various RATs and stealers, including Agent Tesla, AsyncRAT, Formbook and others. The researchers saw this behavior across malware, adding that one Discord CDN search turned up almost 20,000 results in VirusTotal.
Source: https://threatpost.com/attackers-discord-slack-malware/165295/