Origin Protocol co-founder Josh Fraser pointed out some of the vulnerabilities in the popular platform.
Since its founding in 2015 as a tool to connect and communicate with other gamers, Discord has very quickly established itself as the de facto community communication platform of choice for blockchain and crypto-based projects and businesses of every kind imaginable. From exclusive invite-only Discord servers for NFT collections to internal news and airdrop communities, countless blockchain, NFT, crypto, DeFi, and Web3 projects use Discord as their community engagement and marketing platform.
Unfortunately, many server security issues, hacks, compromised accounts, and other privacy issues on Discord have plagued the platform. Josh Fraser, co-founder of Origin Protocol, recently highlighted many of these issues in a Twitter thread which he posted to educate the general public about the potential dangers of using Discord.
To start, Fraser says that unauthorized third parties can collect a lot of information about the inner workings of different projects on Discord because the Discord API leaks the name, description, member list, and activity data of each private channel on each server. . Since many crypto projects use private channels on Discord for many different needs, such as collaborating on announced partnerships, product launches, exchange listings, and more, it is wrong for anyone to assume that these channels are really as private as their users make them out to be. .
To illustrate his point, Fraser explains how private servers for Binance staff, an OpenSea server for Solana launch partners, and a Compound Finance channel for Coinbase were all found to be non-private despite Discord signaling via a padlock icon that they were.
What are some of the dangers of these problems? For starters, Discord’s security breaches range from leaking private server information, private user data (which can be used for doxing), and activity data (which can indicate an upcoming list or release), to crypto projects. which use your multisig wallet addresses as a description. for your private channels, which can potentially point out otherwise bland data to malicious eavesdroppers. These add up to Discord effectively compromising the trust of the public (and its users) by not protecting data on servers that should be private.
While Fraser brought these issues to the attention of the Discord team, it doesn’t seem likely that they’ll be addressed any time soon. It is in the public’s best interest to be aware of these potential security issues and to take whatever steps they deem appropriate to protect their privacy and data.
This post Be careful with your Discord server
was published first on https://www.newsbtc.com/news/company/careful-with-your-discord-server-it-may-not-be-as-secure-as-you-think/