Hackers Hijack Discord Webhooks to Control Systems Through npm, PyPI, and Ruby Packages

Researchers from Socket’s Threat Research Team have discovered an emerging wave of supply chain attacks that exploit Discord webhooks as covert command-and-control (C2) channels.

Rather than setting up their own infrastructure, threat actors now use Discord’s publicly accessible HTTPS webhook endpoints to exfiltrate sensitive data from infected systems.

A Discord webhook URL embeds a numeric webhook ID and an authentication token; anyone who obtains that URL can post payloads into the target channel.

Since webhooks are write-only and require no additional authentication, attackers exploit this simplicity to discreetly forward stolen data within regular HTTPS traffic to Discord’s legitimate domain, bypassing corporate firewalls and intrusion detection systems.

Socket’s research shows how these webhooks, when embedded in open-source software, can silently extract credentials, configurations, and system details from developers’ machines or CI environments.

This new abuse technique demonstrates a cost-effective C2 model: it is free, instantly available, and blends with legitimate traffic patterns.

npm, PyPI, and RubyGems Packages Used for Data Exfiltration

In the npm ecosystem, malicious packages such as mysql-dumpdiscord (v1.0.4) and nodejs.discord were observed using Discord webhooks for exfiltration.

In mysql-dumpdiscord, the attacker-written script targets local configuration files, notably config.json, .env, and Turkish-named “ayarlar” (settings) configuration scripts, reads their contents, and sends them to a Discord webhook (https://discord[.]com/api/webhooks/1410983383676227624/...).


If a file exceeds 1,900 characters, the message is truncated and a warning in Turkish is appended noting that the file was shortened, keeping each post under Discord’s 2,000-character message limit. This shows deliberate design for handling large secrets such as API tokens and database keys.

A second npm module, nodejs.discord, used a minimal JavaScript wrapper around the discord.js WebhookClient class to post concatenated message strings to a hard-coded webhook.

Though less complex, it still represents a silent exfiltration mechanism, capable of sending any text passed in during runtime to an external channel.

Python’s malinssx package on PyPI implemented a similar model in a setup.py script that ran automatically on installation. The code overrode the install routine to POST an installation alert message to Discord (https://discord[.]com/api/webhooks/1388446357345534073/...).

Labeled as a “test webhook,” the package’s activity occurred without user consent, representing a direct supply chain risk. Identical variants named malicus and maliinn, linked to the same actor sdadasda232323, used the same webhook address for telemetry collection.

Advanced Exfiltration in the Ruby Ecosystem and Defense Guidelines

The Ruby gem sqlcommenter_rails (v0.1.0) demonstrated a more elaborate data capture pattern. Its script collected system metadata such as hostname, active user, current working directory, and DNS servers from /etc/resolv.conf, and public IP via api.ipify.org.

It even read /etc/passwd to capture detailed host information. The script formatted all the data into a multi-line message and transmitted it to a Discord webhook using Net::HTTP over TLS, silently ignoring errors.

This attack illustrates a growing supply chain threat: Discord’s trusted domain and HTTPS encryption make such misuse nearly invisible.

Socket researchers recommend deploying egress filtering, auditing dependencies with Socket CLI, enforcing lockfiles, and scanning pull requests for network-related code.

Tools like Socket Firewall can intercept transitive package requests before execution, and GitHub App integrations can identify hard-coded webhook URLs in real time.
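One way to implement the hard-coded-webhook check described above, using the URL structure explained earlier (a numeric ID followed by a token): the scanner below is an added example written for this article, not Socket’s tooling and not code from any of the packages discussed. The URL patterns for Discord, Slack and Telegram webhooks are assumptions about those providers’ formats, the list of file extensions is an assumption, and the package it scans is constructed in a temporary directory with placeholder IDs and tokens. The token part of each match is treated as a credential and redacted in the output.

```python
"""Scan an unpacked package tree for hard-coded chat-platform webhook URLs.

Added example for this article (not Socket's tooling, not code from the packages
described). URL shapes are assumptions about each provider's webhook format;
the sample package files are constructed with placeholder IDs and tokens.
"""
from __future__ import annotations

import os
import re
import tempfile
from typing import NamedTuple

# A Discord webhook URL carries a numeric webhook ID and a secret token; holding the
# URL is enough to post into the channel, so the token is redacted in findings.
WEBHOOK_PATTERNS = {
    "discord": re.compile(
        r"https?://(?:ptb\.|canary\.)?discord(?:app)?\.com/api/webhooks/"
        r"(\d{15,22})/([A-Za-z0-9_\-]{20,})"
    ),
    "slack": re.compile(
        r"https?://hooks\.slack\.com/services/(T[A-Z0-9]+)/(B[A-Z0-9]+)/([A-Za-z0-9]+)"
    ),
    "telegram": re.compile(r"https?://api\.telegram\.org/bot(\d+):([A-Za-z0-9_\-]+)/"),
}

# Source-like files in npm, PyPI and RubyGems packages (assumption).
SCAN_EXTENSIONS = {".js", ".mjs", ".cjs", ".ts", ".py", ".rb", ".gemspec", ".json"}


class Finding(NamedTuple):
    path: str           # relative to the scanned root
    line_no: int
    provider: str
    identifier: str     # non-secret part: Discord webhook ID, Slack team ID, Telegram bot ID
    token_preview: str  # first four characters of the secret, remainder redacted


def redact(secret: str) -> str:
    """Keep just enough of the token to correlate findings without reproducing it."""
    return secret[:4] + "****"


def scan_text(rel_path: str, text: str) -> list[Finding]:
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for provider, pattern in WEBHOOK_PATTERNS.items():
            for match in pattern.finditer(line):
                groups = match.groups()
                findings.append(Finding(rel_path, line_no, provider, groups[0], redact(groups[-1])))
    return findings


def scan_tree(root: str) -> list[Finding]:
    """Walk the package and collect webhook findings from source-like files."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            if os.path.splitext(name)[1] not in SCAN_EXTENSIONS:
                continue
            full = os.path.join(dirpath, name)
            try:
                with open(full, encoding="utf-8", errors="replace") as fh:
                    text = fh.read()
            except OSError:
                continue
            findings.extend(scan_text(os.path.relpath(full, root), text))
    return findings


# Constructed sample package: a discord.js wrapper, a setup.py with the same URL,
# and a Ruby file holding a Slack URL. IDs and tokens are placeholders only.
SAMPLE_FILES = {
    "index.js": (
        'const { WebhookClient } = require("discord.js");\n'
        'const hook = new WebhookClient({ url: "https://discord.com/api/webhooks/'
        '123456789012345678/EXAMPLETOKENnotreal_abcdefghijklmnop" });\n'
        "module.exports = (msg) => hook.send(msg);\n"
    ),
    "package.json": '{ "name": "sample-pkg", "version": "0.0.1" }\n',
    "setup.py": (
        "import urllib.request\n"
        'WEBHOOK = "https://discord.com/api/webhooks/123456789012345678/'
        'EXAMPLETOKENnotreal_abcdefghijklmnop"\n'
    ),
    "lib/report.rb": 'URL = "https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX"\n',
}


def write_sample_package(root: str) -> None:
    for rel_path, content in SAMPLE_FILES.items():
        full = os.path.join(root, rel_path)
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "w", encoding="utf-8") as fh:
            fh.write(content)


def demo() -> list[Finding]:
    """Build the constructed package in a temp dir and scan it."""
    with tempfile.TemporaryDirectory() as root:
        write_sample_package(root)
        return scan_tree(root)


if __name__ == "__main__":
    for f in demo():
        print(f"{f.path}:{f.line_no} {f.provider} id={f.identifier} token={f.token_preview}")
```

Run it against the extracted contents of a tarball or wheel before installation; a finding in an install hook such as setup.py or a postinstall script deserves the most attention, since that code runs before the package is ever imported.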

As adversaries increasingly turn to webhook-based C2 models via Discord, Telegram, and Slack, proactive behavioral detection, not just domain blocking, is vital to protect developer ecosystems from silent data theft at scale.
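The behavioral detection argued for above, as an added example written for this article rather than Socket’s tooling: instead of blocking discord.com outright, the script looks at egress proxy logs for POST requests to webhook paths on Discord, Slack or Telegram, tallies them per source host, and raises the severity when the host is a CI or build machine or also queried a public-IP service (the api.ipify.org lookup seen in the Ruby gem). It assumes a simple space-separated log format, "<timestamp> <src_host> <method> <url> <body_bytes>", and a host-naming convention where CI hosts start with "ci-", "build-" or "runner-"; every log line is constructed.

```python
"""Flag webhook-style exfiltration in egress proxy logs by behaviour, not by domain.

Added example for this article (not Socket's tooling). Assumes a space-separated
proxy log "<timestamp> <src_host> <method> <url> <body_bytes>" and that CI/build
hosts are named with the prefixes below. All sample log lines are constructed.
"""
from __future__ import annotations

import re
from collections import defaultdict
from typing import NamedTuple
from urllib.parse import urlsplit

# Only webhook POST paths are suspicious; ordinary GETs to discord.com are left
# alone, which is what makes this finer-grained than blocking the domain.
WEBHOOK_PATHS = {
    "discord": re.compile(r"^https?://(?:[a-z]+\.)?discord(?:app)?\.com/api/webhooks/\d+/"),
    "slack": re.compile(r"^https?://hooks\.slack\.com/services/"),
    "telegram": re.compile(r"^https?://api\.telegram\.org/bot\d+:[^/]+/send"),
}
IP_LOOKUP_HOSTS = {"api.ipify.org"}          # public-IP lookup used as a precursor signal
SENSITIVE_HOST_PREFIXES = ("ci-", "build-", "runner-")  # assumed naming convention


class Alert(NamedTuple):
    src_host: str
    provider: str
    posts: int        # webhook POSTs from this host to this provider
    body_bytes: int   # total request body size, a proxy for how much data left
    ip_lookup: bool   # host also queried a public-IP service
    severity: str     # "high" on CI/build hosts, "info" elsewhere


def parse_line(line: str):
    parts = line.split()
    if len(parts) != 5 or not parts[4].isdigit():
        return None                          # malformed lines are skipped, not fatal
    _ts, host, method, url, nbytes = parts
    return host, method.upper(), url, int(nbytes)


def detect(lines) -> list[Alert]:
    posts = defaultdict(lambda: [0, 0])      # (host, provider) -> [count, bytes]
    looked_up_ip = set()
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        host, method, url, nbytes = parsed
        if urlsplit(url).hostname in IP_LOOKUP_HOSTS:
            looked_up_ip.add(host)
            continue
        if method != "POST":
            continue
        for provider, pattern in WEBHOOK_PATHS.items():
            if pattern.match(url):
                posts[(host, provider)][0] += 1
                posts[(host, provider)][1] += nbytes
    alerts = []
    for (host, provider), (count, total) in sorted(posts.items()):
        severity = "high" if host.startswith(SENSITIVE_HOST_PREFIXES) else "info"
        alerts.append(Alert(host, provider, count, total, host in looked_up_ip, severity))
    return alerts


# Constructed log lines: two truncated-size Discord posts from a CI runner, a normal
# Discord API GET from a laptop, a Slack webhook from that laptop, and an IP lookup
# followed by a Telegram bot post from a build agent. IDs and tokens are placeholders.
SAMPLE_LOG_LINES = [
    "2025-10-01T10:00:01Z ci-runner-07 POST https://discord.com/api/webhooks/123456789012345678/EXAMPLETOKEN 1912",
    "2025-10-01T10:00:02Z ci-runner-07 POST https://discord.com/api/webhooks/123456789012345678/EXAMPLETOKEN 1912",
    "2025-10-01T10:00:05Z laptop-dev-3 GET https://discord.com/api/v9/users/@me 0",
    "2025-10-01T10:00:07Z laptop-dev-3 POST https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX 233",
    "2025-10-01T10:00:08Z build-agent-2 GET https://api.ipify.org/?format=json 0",
    "2025-10-01T10:00:09Z build-agent-2 POST https://api.telegram.org/bot123456:EXAMPLETOKEN/sendMessage 880",
    "this line is malformed and is skipped",
]


if __name__ == "__main__":
    for a in detect(SAMPLE_LOG_LINES):
        print(f"[{a.severity}] {a.src_host} -> {a.provider}: {a.posts} POST(s), "
              f"{a.body_bytes} body bytes, ip_lookup={a.ip_lookup}")
```

The laptop’s Slack post is reported at "info" rather than dropped, because a developer machine may legitimately use a team webhook; the point is that a CI runner or build agent posting to any chat webhook, or pairing it with a public-IP lookup, is the pattern worth paging on.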

Priya
Priya is a Security Reporter who tracks malware campaigns, exploit kits, and ransomware operations. Her reporting highlights technical indicators and attack patterns that matter to defenders.