Hacking With Discord Just Got Harder

  • Added on 2 June 2024
  • Go to ground.news/seytonic to stay fully informed. Subscribe for less than $1/month or get 40% off unlimited access to take advantage of their biggest sale of the year. Sale ends November 30.
    0:00 Discord is Cracking Down on Hacking
    1:59 Almost an Entire State Hacked
    5:22 Rent a Hitman Fail
    7:26 Hijacking AirTags
    Sources:
    www.bleepingcomputer.com/news...
    news.ycombinator.com/item?id=...
    www.bleepingcomputer.com/news...
    www.trellix.com/about/newsroo...
    ground.news/article/file-tran...
    www.bleepingcomputer.com/news...
    www.darkreading.com/attacks-b...
    www.maine.gov/moveit-global-d...
    www.justice.gov/usao-edla/pr/...
    regmedia.co.uk/2023/11/06/zan...
    www.theregister.com/2023/11/0...
    rentahitman.com/
    www.bleepingcomputer.com/news...
    www.heise.de/news/Keylogger-k...
    German keylogger video • Wir haben Apples Wo-Is...
    ===============================================
    My Website: www.seytonic.com/
    Follow me on TWTR: / seytonic
    Follow me on INSTA: / jhonti
    ===============================================
  • Entertainment

Comments • 176

  • @Seytonic 6 months ago +13

    Go to ground.news/seytonic to stay fully informed. Subscribe for less than $1/month or get 40% off unlimited access to take advantage of their biggest sale of the year. Sale ends November 30 :)

    • @MexieMex 6 months ago

      Ground News? Seriously? It's fucking terrible! It's totally biased and not at all trustworthy! Just taking them as a sponsor really puts doubt in your due diligence. I didn't unsubscribe, but I came very close.

  • @PepsiMan42069 6 months ago +626

    I get why discord are doing this, but I’m gonna miss having an empty discord server as my cloud provider 😅

    • @Aphex51 6 months ago +126

      And I'm sad that I'm too dumb to realise this potential and I've now totally missed the party.

    • @aegis2907 6 months ago +46

      I mean it sounds like it'll still be possible to do that, just that the links will expire but the file should still be there

    • @SuperElephant 6 months ago +40

      Files hosted on discord are probably still persistent, just the download link expires. So no more long-term direct links, but you'd kinda still be able to use it as a file host I guess..

    • @varsityathlete9927 6 months ago +53

      My 85 TB rare pepe server ....

    • @KARMA.XD. 6 months ago +16

      ehh I used to do this but I got banned and lost access to like 100+ accounts and emails

  • @nekrosis4431 6 months ago +82

    Imagine you create a goofy parody site, but you overestimated the intelligence of murderers and now you are on first name basis with the local FBI agents.
    Comedy Gold.

    • @BillAnt 5 months ago +1

      Wonder how the site owner didn't get arrested to begin with. Even though it's a parody, the 3-letter-boys don't have a good sense of humor. lol

    • @kuva 1 month ago

      @BillAnt it's not entrapment if it's a private citizen doing it! They'd be dumb to arrest the site owner.

  • @Debianz 6 months ago +14

    SQL injection in 2023 is absolutely ridiculous. This problem has been completely solved on the developer's end using ORM or Query Builders.

  • @queerzard 6 months ago +17

    Imagine having a website prone to SQL Injection in 2023

  • @SlimeeosGames 6 months ago +19

    Actually, when someone deletes the message that contains a file or media, it disables the link after some time (a few hours or a day).
    It doesn't store permanently if the original message was deleted.

  • @jmr 6 months ago +9

    Every time Hire a hitman catches someone I think "surely this is the last one". We know these people have Google. 😂

  • @zephyfoxy 6 months ago +8

    I don't know how much I buy that this change to Discord is about malware so much as it is about Discord wanting to save on bandwidth by not being treated like a file server.

  • @peconi47 6 months ago +7

    the rent a hit man site was made as a bug fixing group for programming, after people actually started requesting hitmen, they changed the site to the one that it is now

  • @170insane 6 months ago +12

    I live in Maine and can verify that the state is DUMB AF regarding this ordeal.
    Their excuse for not disclosing the breach is so they could contact individuals.
    They need you to contact a hotline to find out if you're affected.
    WHY DO I NEED TO CALL IN, IF YOU HAVE MY INFO ALREADY!!!!
    Hold times are bad but it's a third party doing the customer service 🙄🙄🙄🙄🙄
    Overall, I'm not surprised having worked with the state's IT team previously.

    • @garydeluce464 6 months ago +8

      Not to mention MOVEit was patched in FUCKING JUNE

  • @kaloyan.doychinov 6 months ago +44

    Sadly, what happened with discord is just another case of bad actors making the user experience worse.
    Btw, another amazing video

    • @StopTh3Idiots 6 months ago

      It's not about that, Discord loves black supremacists, anti-white racist servers, where they radicalize a lot of kids, they also love hosting pedo content, they just cracked down on hackers because of the war in Insrael.

  • @jayaif 6 months ago +43

    Making an encrypted messaging app that uses Apple's find my network would be a much more interesting use case

    • @emireri2387 5 months ago

      this would be actually kinda similar to hacknet in a way

  • @Rerbun 6 months ago +73

    Loved all these topics! The air tag one way communication over Bluetooth story is insane. Potentially better communication method for spies than number radios?

    • @iWhacko 6 months ago +6

      as long as there are Apple devices around, it's a great way to send encrypted information yes.

    • @lowwastehighmelanin 6 months ago +9

      Yeah the mesh network is massive. Brilliant idea honestly.

    • @BillAnt 5 months ago +2

      It's really stealthy since there's no cellular communication going on. It would work best in densely populated areas like large cities with lots of nearby iPhones.

  • @BriannaTheGod 6 months ago +7

    Another banger of a video! Thanks for sharing & keeping us in the loop Seytonic!

  • @atomiapx 6 months ago +1

    I'm trying to watch this and just got done watching an ad and immediately another ad played and as of typing this I'm watching another ad

  • @trueriver1950 6 months ago +2

    Love the sign in the photo "Welcome to Maine - the way life should be".
    Perhaps not in this case...😅

  • @Pr0toPoTaT0 6 months ago +3

    I had my first discord server actually stolen from me with a crafty mod who sent me a weird bot link. Discord is actually crazy with just the flexibility it allows

  • @lightbrownwolf 6 months ago +28

    Guilded (a discord alternative) also does direct file links, and they are less file size restrictive.

    • @StopTh3Idiots 6 months ago

      Does it allow black supremacist anti-white servers and pedo servers like discord ?

    • @user-beerus 6 months ago +9

      Who uses guilded

    • @trapido0296 6 months ago

      @user-beerus me

    • @dsobransingh 6 months ago +6

      @user-beerus you don't need a guilded account to use the direct download link, so the number of people who use it is completely irrelevant

    • @vincere_ 6 months ago +2

      It's owned by Roblox however

  • @HunterHogan 6 months ago +2

    I feel like your writing and video production skills progressed from Good to Polished.

  • @Damariobros 6 months ago +4

    I think you should also mention that the new Discord link system doesn't affect emojis! So, non-Nitro users can rest assured that the media links they use to insert big emojis will never expire!

  • @Deductive 6 months ago +3

    Solution? Set up a dynamic redirect link and have a Discord Bot or Crawler that simply renews the download source.

    • @shadamethyst1258 6 months ago

      That's a known workaround, but it makes using it as a CDN more difficult, which should be enough to ward off low-effort attacks

  • @itsawill9268 6 months ago +7

    Using discord is like negative opsec if you are a hacker tho

    • @WindowsDaily 6 months ago +1

      Realistically, just sign up with a vpn and throwaway email. You're only making a server with one channel anyway.

  • @tostupidforname 6 months ago

    How cool is the airtag thing

  • @InSight0r 6 months ago +3

    While on topic of malicious links, recently I saw malicious link masked in a youtube redirect.
    - m-Link pasted in the description
    - video posted as private
    - copy the middle stage of the redirect between youtube and m-Site
    - redirect is still with youtube header - no detection
    Stay safe out there.

  • @NorthernChimp 6 months ago +2

    In which circumstance can a kid get access to their teacher's keyboard, unattended long enough and with a tool to neatly open and close back its casing?!

    • @v4n1ty92 6 months ago

      lol you can plug a keylogger into a usb port and then plug the keyboard into the keylogger. would maybe take 5 seconds, and wouldn't require opening up the keyboard at all

  • @matthewbass8152 6 months ago +5

    I love being a maine resident and you are the first time I have heard of this data breach

    • @tatherva7387 6 months ago +2

      Aaaaayup. Also I busted out laughing when he said "unlimited resources" regarding the state. Maybe in NY or California but Maine? Nah 😂

  • @antifalls 6 months ago

    wow nice video bro.

  • @dark-webmysterious4922 6 months ago +1

    wow that's amazing.

  • @stage6fan475 6 months ago

    The 'Hitman for hire' parody site made my morning.

  • @cpuuk 6 months ago +1

    Maine Local Gov: Oopsy, were we still using MoveIT.

  • @BriannaTheGod 6 months ago +2

    I love you daddy Seytonic ❤️

  • @dfsuhjdfhudfshu 6 months ago

    This is crazy, wtf.

  • @x1cOfficial 6 months ago +1

    hello from australia!

  • @DennisFranz 6 months ago

    Rent-A-Hitman, can I place a hit on the waiter that keeps giving me a paper straw? I mean, dayum! Leave three. I can't even stir my ice tea and lemonade without the straw bending or disintegrating.

  • @SuperTort0ise 6 months ago +1

    2:10 fuuuuuuck definitely not in that 0.2% hahah

  • @abcdefxyz1239 6 months ago +1

    that sucks ngl

  • @LumiLumiLumiLumiLumiLumiLumiL 6 months ago +10

    *Correction: Files are NOT permanently hosted.*
    They remain for a set of hours before they turn invalid.
    Just like with messages, if you delete files or attachments they will be deleted from discord as well, to preserve storage capacity.

    • @AliveOP 6 months ago +1

      False... Try it out yourself

    • @nigmane 6 months ago

      Correct

    • @y7o4ka 5 months ago +1

      @AliveOP files are being deleted from media servers instantly once the origin message is deleted. CDNs though can take up to a few days to remove the file from the cache

  • @AnesuC 6 months ago +2

    Maybe the use of them seems rare because it's so good that barely anyone has found out. I am mostly joking but this could actually be true. Other usual methods can result in someone noticing weird behaviour on the system or network and thus catching it. But this method is outside the device and the network, making it much harder to find out

  • @GiantAndShaman 6 months ago +1

    Honestly good on the hitman site owner for contacting the fbi instead of laughing off "jasmine". Some random woman out there could be dead by now if jasmine pursued other means.

  • @Ixspar 6 months ago +2

    This actually happened about 6 months ago. Not sure why there weren't articles about it when people could have actually done something about it. But here we are. (Meanwhile, up at the Maine Capitol: Janet: "Timmy, make sure you get those security chickens set before your Pa gets home." ...s....m....f.....h.

  • @lowwastehighmelanin 6 months ago +1

    My data was compromised at my doctor's because of MOVEit and so were 844999 other northern Californians'. Exhausting.

  • @GimmeZoomies 6 months ago +1

    Files do actually get deleted off discord even if you have the link, maybe not regular files but images do get deleted.

  • @duckydev9427 6 months ago

    Inb4 the method is to call a local server that constructs a valid extension on the url

  • @astral6749 6 months ago +1

    I'm not sure if I'm just having deja vu, but I feel like I've heard that exploit (or maybe it was a different exploit) on MOVEit long ago.

  • @unitazer 5 months ago

    Now you can store a message link, that contains a replaceme link, that contains the malware link, you will just have to update 3 links within a day (if changing message actually does that) so discord malware will break within a day without wifi.

  • @swift_rxz8403 6 months ago

    So are my mp3 files I have in discord going to disappear after the new action takes effect? Or am I just not going to be able to download them again once sent?

  • @ground_news 6 months ago +3

    Thank you, Seytonic! Happy to be supporting your work. For anyone interested, check out the link above and let us know if you have any questions.

    • @johnchristian7788 6 months ago

      Ask him to pin your comment. So, it will be easier for people to connect with you.

  • @redlexapher 6 months ago

    Holy hell I only just heard about the Maine hack, note, I live in Maine

  • @psapple5858 6 months ago +1

    can't you create a link that, when clicked, generates a new discord link then redirects you to that, then boom you don't have to worry about the time limit?

  • @Ric3cir121 6 months ago

    Telegram allows you to upload up to 2gb files...
    But it comes with the exception of non existing direct download links

  • @whtiequillBj 6 months ago

    Are the parameters extended attributes or Alternate Data Streams or forks (Linux, Windows, MacOS respectively)?

    • @byharix2542 6 months ago

      it's just parameters on the url, some POST request data

    • @tardistrailers 6 months ago

      Assuming you're talking about the Discord links, it's just an HMAC with an expiration timestamp. It's also still a GET and not a POST request.

  • @themetapodmemes2789 6 months ago

    Why does discord directly embed a ttl in the link? Wouldn't that be pretty easy to forge?

  • @al-gv7mq 6 months ago +8

    It seems quite complicated considering they could create a redirect webserver which will automatically update the link and redirect you to the discord download :3

    • @tardistrailers 6 months ago +8

      You'd lose the benefit of the good URL reputation from Discord though. Also implementing an HMAC requirement to download links isn't really that complicated.

  • @b3njamin602 6 months ago +1

    nice! this should make discord more secure!

  • @sujanthapa1506 5 months ago

    informative video

  • @OhFruits 6 months ago

    discord do this mostly to cut cost from people that are hot hosting files on their database

  • @MeboMichael 6 months ago +1

    We love you @seytonic

  • @beatsbycf 6 months ago

    How did a whole state get hacked

  • @theraves 6 months ago

    I assure you it won't hinder them that much... I have a bogus discord account that I purchased nitro for once or twice so if it gets stolen I have a payment trail I can use to get it back with... A few of the servers that it's in have already discussed this and have ways around this. Discord as a company is shady and shitty in general; they're only doing this to try and save their pathetic asses, but it's not going to help. It might slow things down a bit, but after what I have seen others discussing, this won't be nothing to them.

  • @tsymeh 6 months ago

    what if we strip the link from those parameters

  • @SASTSimon 6 months ago +6

    I wish discord didn't do this. I loved the infinite storage

    • @tardistrailers 6 months ago +2

      And people abusing Discord as infinite storage space is probably way more of a reason for them to introduce these restrictions than malware distribution. Storage and traffic cost them money after all and they aren't a charity.

  • @n0tzuck 6 months ago +1

    You can actually bypass it using a method (discord's cdn thingy)

    • @neey3832 6 months ago

      could you be more specific?

    • @n0tzuck 6 months ago

      @neey3832 Basically, Discord's API could be used to retrieve a file's attachment link. Someone could then write a script that fetches the document URL every day and updates their scam website with the URL.

    • @n0tzuck 6 months ago

      It's technically not a bypass but rather a work around

    • @mycelia_ow 6 months ago

      @n0tzuck How is it done?

  • @Jcorella 6 months ago

    0:24 this is wrong. If you delete the original message with the attachment, it will expire after an indeterminate amount of time.

  • @blakexe 6 months ago +8

    The first part of the numbers in discord cdn links is the server / DM “channel” id which is really bad for hackers because discord publicly lets you view info about a server just from having its id.
    On top of that even if the server or the message got deleted discord still logs who made the server and who sent messages in it. They started logging ALL messages ever since their new anti trust policy was implemented back during covid :/

    • @neey3832 6 months ago +2

      as i've searched, only discord servers with widget enabled allow people to publicly see info about their server

    • @blakexe 6 months ago

      @neey3832 That is true. Though being snowflakes they can still be somewhat useful in supplying the time the server or channel or message was created

  • @arafatmarius331 6 months ago

    Nice ...I wanna be like them

  • @zoenagy9458 6 months ago

    so which one is a real hitman website?

  • @PepsiMaxVanilla 6 months ago

    rip

  • @LoyaltyIsEverything91 6 months ago

    How about the states NOT TRUST 3rd party proprietary software!! Closed source code is saying you trust the diligence of that company to do the work of security that open source allows billions of humans to join and help do for free.

  • @mu11668B 6 months ago +8

    Discord should've done that at least a year ago. For some reasons I have to deal with infection source quite often, and Discord has been on the top of the malware hosting list. I even made a post over a year ago complaining about the issue and how easy it is for them to fix it, only to meet some unpaid muggles trying to defend Discord for funny reasons. Finally they have chosen to do the right move.

    • @YT7mc 6 months ago +1

      What was your easy fix?

    • @mu11668B 6 months ago

      @YT7mc Add the same authentication check already applied to chatroom messages to CDN entries. Just like the solution they're going to push but simpler.

    • @YT7mc 6 months ago

      @mu11668B Yep that makes sense; wonder why they aren't doing this.

  • @Atmatan_Kabbaher 6 months ago

    The rentahitman site is seriously old news, like decades old.
    Did you only just learn about it?

  • @teckcity5721 6 months ago

    A UI is responsible for the hacks

  • @gamerr6638 5 months ago

    nope 0% security on discord

  • @TechnoL33T 6 months ago

    Can they not just use a script to keep the link updated?

    • @WindowsDaily 6 months ago

      Probably, yes. The links themselves would expire, but every time you scroll up to the link it would have a different expiration date.

    • @tardistrailers 6 months ago +1

      They can, when the link is on a website, but not in an e-mail.

  • @honbra 6 months ago +3

    The "memes" zip is just one meme copied over and over. I am disappointed.

    • @Seytonic 6 months ago +4

      Haha, I knew someone would check it out, I should’ve hidden an Easter egg in there

  • @vannyvanngogg 6 months ago

    in case you didn't know: "CL0P" -- sounds identical to russian word for a Bed Bug ("клоп")... just saying 🤷‍♂

  • @koghs 6 months ago +1

    Damn, Apple users getting railed by their own devices again.

  • @lordsussyindustries2021 6 months ago

    ....

  • @abhi_iam 6 months ago

    Explain about dark side of whatsapp

  • @sarahjuraan 6 months ago

    Hello World 👋

  • @CrittingOut 6 months ago

    These goofy mfs still out here trying to buy hitmen

  • @D.von.N 6 months ago +2

    Must have been living under a rock, never used that platform. Neither Tiktok. And proud of it! LOL

    • @ryshellso526 6 months ago +1

      Yup, always got the feeling discord was just a place for pedophiles to trade photos.

  • @catinksreal 6 months ago +3

    Apple is wild, genuinely pro-privacy in one case, claiming 8GB of RAM > 16GB in another, I can't tell if they are competent or not

    • @v4n1ty92 6 months ago +2

      Let's not get it twisted, apple is absolutely not pro-privacy and is harvesting and selling user data just like every other major tech company. You don't become a trillion dollar company just selling hardware. They sure do love having that outward appearance of being "privacy focused" though

    • @v4n1ty92 6 months ago

      They don't block third party tracking out of the kindness of their hearts, they do it so they can have a monopoly on the data you generate on their hardware. Apple is not privacy focused and you've been duped if you think they are 🤷‍♂

  • @xmorose 6 months ago

    Well that actually sucks. I use mp3 files hosted on discord to play on my gameserver using some hacky plugins, so I don't have to load them in game and make everyone else load them, I can just play browser files. Guess now I have to change all of my scripts lol

  • @cuddlycatgirl 6 months ago

    hi

  • @ReligionAndMaterialismDebunked

    Indeed broken grammar. XD

  • @aymanazad1443 6 months ago

    e

  • @razorgaming3.0 6 months ago

    42th 1 hour ago

  • @Chrromeetalk 6 months ago +3

    Who thinks this is a good Discord update?
    👇

  • @lewiskelly14 6 months ago

    Misleading title

  • @immameme 6 months ago

    HackNewsAndImma1st