Possible Discord hacking mitigations

SirIntellegence(Brain-Storm.exe)
  • Edited

To help others, it would be nice if your ssl certificate was verified by someone other than cloudflare if possible since, if I recall correctly, anyone can get a cloudflare certificate. Preferably someone that required red tape so scammers can't fake it. Then people can just verify they have the right website by quick checking the certificate in the web browser. If this change is implemented (somehow) and directions updated, it might significantly reduce accounts getting hijacked.

Additionally, you could maybe have Discord check for links that preview with or contain the words "free" or "nitro" so a warning is shown before navigating it. Like, maybe more than the usual warning, possibly saying you shouldn't discord log in there.

4

Comments

5 comments

Date Votes
  • AUSBird

    I like the idea behind having links from someone that uses common phrases like "Free" and "Nitro" and append a warning to the link is a great idea.

    As for the SSL certificate thing, I would disagree. The SSL certificate from cloudflare is just how the whole cloudflare system works. Cloudflare needs to own the certificate since their servers are where the connection from the users terminate before a request is sent from cloudflare to the real discord servers.

    0
  • SirIntellegence(Brain-Storm.exe)

    Hence the "if possible"

    -1
  • DN nightpure

    i have gotten a thing from a friend that says i’ve been gifted a subscription for discord nitro bc of xbox, plz add and dm me if it’s a real or scam, DN nightpure#8242

    0
  • AUSBird

    @DN nightpure
    Sure, sent request.

    0
  • str

    Doxsite - Official Website 

     

    Website ---> https://doxsite.gq/

    Discord ----> https://discord.gg/RaJV9ZzJjS

    0

Please sign in to leave a comment.