Hacker News new | ask | show | jobs
by Liquix 477 days ago
...why? what's the difference between "POST payload to discord webhook" vs. "POST payload to VPS rented anonymously"? it seems like an inexplicably bad decision to use a proprietary US service for your malware C&C
2 comments
Aurornis 477 days ago
These are not sophisticated attackers.

Discord is free and easy. The notification pops up right where they’re already chatting with each other for 16 hours every single day.

Renting a VPS and writing custom software to accept a POST request requires a credit card, programming skill, and time.

link
acedTrex 477 days ago
These are not high effort malware distributors. Its very low hanging fruit done by script kiddies essentially.
link