A critical security flaw was recently discovered on a widely-used communication platform, potentially allowing malware to spread through seemingly harmless expired links. The vulnerability centered around invite links that had already passed their expiration date or were no longer valid.
Normally, clicking an expired invite link should result in a message indicating the link is no longer active or the user being unable to join a server. However, this flaw allowed a malicious actor to manipulate these old, expired links. By exploiting the vulnerability, attackers could redirect users who clicked the outdated link to a malicious destination, such as a website hosting malware downloads, instead of triggering the expected “expired” message.
This exploit was particularly deceptive because users might trust links previously shared by friends or found in old chat logs, believing them to be safe, even if they were expired. The attack didn’t require changing the visible part of the link itself, making it difficult for users to detect the redirection. This presented a significant risk of users inadvertently downloading and executing malicious software onto their systems.
Fortunately, the vulnerability was responsibly disclosed and the platform has since implemented a patch to address the issue. This ensures that expired invite links now correctly function as intended, displaying an expiration message or failing to connect, thus preventing their misuse for malware distribution. Users are always advised to exercise caution and maintain up-to-date security software.
Source: https://www.bleepingcomputer.com/news/security/discord-flaw-lets-hackers-reuse-expired-invites-in-malware-campaign/
