Phishing using Discord webhooks will be harder.

“Attackers, Trellix wrote, use the platform’s webhooks to pull data from victims’ computers and drop it into Discord channels run by the attackers.”

  • KairuByte@lemmy.dbzer0.comEnglish
    551·
    1 year ago

    This is… annoying. I get the intent for malware, but honestly it’s a BS reason. The content will just be uploaded elsewhere. But what this will do is drastically lower their storage cost under the guise of… not even user safety, more “slightly inconveniencing malware writers.”

  • Dandroid@dandroid.appEnglish
    54·
    1 year ago

    I wonder if McAfee changing their name to Trellix to escape how much the general public hates them will work better than Comcast rebranding as Xfinity.

    • SheeEttin@lemmy.worldEnglish
      312·
      1 year ago

      The general public doesn’t hate McAfee that much, so I’d bet it’ll work. Heck, I work in IT and I didn’t even know about the rebrand (mostly because I engage with McAfee as little as possible).

      • Scrubbles@poptalk.scrubbles.techEnglish
        91·
        1 year ago

        Yeah let’s keep that going here. From here on our whenever I see Trelix I will say “Trelix, the brand fomally known as McAfee.”

          • Scrubbles@poptalk.scrubbles.techEnglish
            3·
            1 year ago

            Yes, but I like this because it ingrains in people’s heads that when they hear Trelix they should think McAfee, to make that connection. Like with Xfinity, they don’t want that connection made, they want people thinking “Oh I don’t have that crappy Comcast service, I have Xfinity”. I’ll be saying it this way to show people that they’re the same thing

  • justaveg@lemmy.worldEnglish
    503·
    1 year ago

    lol@ this. My bet what is actually happening: cost cutting or future nitro feature.

  • Chewy@discuss.tchncs.deEnglish
    10·
    1 year ago

    It’s an annoying change for anyone using discord to share files outside of it’s closed platform but doesn’t affect most people.

    I wonder whether bridges for matrix have to be fixed or if they’re already editing messages bridged to matrix to the new url.

    • deadcade@lemmy.deadca.deEnglish
      5·
      1 year ago

      Depends on how it’s implemented. Anyone using a “media proxy” will see their discord bridged media probably fail to load (outside of possible caches) after a day. Anyone who has their bridge configured to reupload discord media to their homeserver should see no change.

      • cybersandwich@lemmy.worldEnglish
        1·
        1 year ago

        What is this bridge you speak of? I’m intrigued. Does matrix have a functionality that lets you run a mirror of a discord channel?

        • NorthWestWind@lemmy.worldEnglish
          4·
          1 year ago

          Yes, but you have to selfhost your own instance. Big servers don’t have that, and the ones that have probably require payment.

        • bitwolf@lemmy.oneEnglish
          1·
          1 year ago

          Yes exactly. The bridge logs into the discord server as a user. Then it mirrors all chats from your user in matrix to the discord.

          Oh matrix, every user on the connected server gets a user whose name is their snowflake. Those virtual users post into the matrix server whatever their respective discord users posts.

  • ndguardian@lemmy.worldEnglish
    9·
    1 year ago

    Honestly, I’m okay with this at least until they fix the fact that all shared files are accessible without authentication. Granted, you still had to get the link before downloading an uploaded file, but the fact that there was no authentication required to download a file uploaded to Discord was pretty surprising.

    • computergeek125@lemmy.worldEnglish
      1·
      1 year ago

      It’s probably also way cheaper to do it that way. As far as I could tell when I checked in on it some time ago, most of the content goes through a Cloudflare proxy straight to a GCP S3-compatible bucket.