Threat Actors Exploit Discord Webhooks for C2 via npm, PyPI, and Ruby Packages

Published 2025-10-13 20:57:51 | gbhackers.com
Discord C2 Exfiltration Npm Pypi Rubygems Sector: Software Development Region: Global

🎙️ Paranoid Newscast

🎭
Credibility
70%
📊
Risk Score
64%
🎲
Likelihood
8/10
💥
Impact
8/10
🛡️
Priority
4/5
Threat actors are increasingly using Discord webhooks as covert command-and-control channels within open-source packages, allowing for the stealthy exfiltration of sensitive data. This tactic leverages hard-coded webhook URLs to bypass security measures and exfiltrate secrets from developer environments.

Threat actors are increasingly abusing Discord webhooks as covert command-and-control (C2) channels inside open-source packages, enabling stealthy exfiltration of secrets, host telemetry, and developer environment data without standing up bespoke infrastructure. Socket’s Threat Research Team has documented active abuse across npm, PyPI, and RubyGems, where hard-coded Discord webhook URLs act as write-only sinks to siphon data over HTTPS to attacker-controlled channels.

Because webhook posts resemble ordinary JSON traffic to a widely allowed domain, these operations often bypass perimeter filtering and signature-based controls.

Discord webhooks are HTTPS endpoints that require only possession of a URL containing an ID and secret token to post messages to a channel. Live endpoints typically return 204 No Content on success or 200 OK with ?wait=true, while 401, 404, and 429 indicate invalid tokens, deletion, or rate limits respectively. Critically, webhook URLs are write-only—defenders cannot read prior channel history from the URL alone—making takedown and retrospective investigation harder while lowering attacker friction and cost.

In npm, mysql-dumpdiscord targets sensitive configuration artifacts such as config.json, .env, ayarlar.js, and ayarlar.json (Turkish for “settings”), reading and chunking file contents before POSTing them to a hard-coded Discord webhook. On PyPI, malinssx overrides setuptools’ install command to silently trigger a POST to a Discord webhook during pip install, sending a notification message in Vietnamese. On RubyGems, sqlcommenter_rails collects host-level signals including /etc/passwd contents and other metadata before serializing and shipping the full payload to a hard-coded Discord webhook.

Mitigations should center on behavioral and egress controls. Treat webhook endpoints as potential exfiltration vectors and enforce allow-lists with DNS and TLS SNI filtering where feasible. Pin dependencies with lockfiles, require provenance/SLSA attestations, and gate dependency updates through PR scanning that flags hard-coded webhook URLs, outbound network calls, and install-time execution.