Hackers are exploiting flaws in Discordโs invite system by hijacking expired or deleted invite links to redirect users to malicious sites hosting remote access trojans and info-stealing malware. This attack campaign has affected over 1,300 users across multiple countries by using fake communities and multi-stage infection chains. #DiscordInviteHijack #ClickFixMalware
Keypoints
- Hackers reuse expired or deleted Discord invite codes to create malicious links.
- The flaw involves Discordโs handling of temporary and permanent invite codes, including vanity links.
- Malicious servers appear legitimate but only show a single verification channel.
- Users are tricked into executing PowerShell commands that download malware like AsyncRAT and info stealers.
- Admins are advised to use permanent invites and remain cautious of outdated links and suspicious verification requests.