clock menu more-arrow no yes mobile

Filed under:

Chat service Discord gets enhanced security after vulnerabilities discovered

Symantec says it’s working to make the free chat service safer

If you buy something from a Polygon link, Vox Media may earn a commission. See our ethics statement.

Security firm Symantec, makers of the popular line of Norton consumer software products, says that users of the Discord service could be at risk. It seems that malicious malware has been making the rounds, and the company is working with Discord to remove those files and better protect users going forward.

“Symantec Security Response contacted Discord’s security team when the discovery was made,” Symantec said in a news release. “Discord quickly removed the malicious files from the servers’ chat channels. Discord has since added a new virus scan feature which runs on the backend whenever a user uploads an executable or archive file.”

“Discord takes the security and safety of our community very seriously,” a Discord representative told Polygon. “As part of our approach to creating a safe environment for everyone using Discord, we recently rolled out a protective service for all uploaded files that scans and deletes any malware or infected files. In addition, all file downloads go through the user’s web browser, such as Chrome, which has an additional layer of security.”

Discord has taken off in the last year as the go-to solution for gaming communities. It offers a Slack-like interface, file sharing and voice communication as well as API hooks for many popular games. That popularity has led to exploits. Symantec noted that it had also detected evidence of stolen consumer data being shared on a Discord-based black market.

Earlier this month, the Discord blog published a lengthy, tongue-in-cheek, mostly meme-based security roundup. It mentioned things like two-factor authentication and tools for streamers sharing their channels publicly. For its part, Symantec suggested few common-sense steps which include using Discord’s permission control features and to automating monitoring using community-created bots.

You can read the full press release here.

Sign up for the newsletter Sign up for Patch Notes

A weekly roundup of the best things from Polygon