Hijacked Trust: How Malicious Actors Exploited Discord's Invite System To Launch Global Multi-Stage Attacks
Check Point, Thursday, June 12th, 2025
Attackers took advantage of a Discord feature that lets expired or deleted invite links be reused, allowing them to hijack trusted community links and redirect users to harmful servers.
Discord is a widely used and trusted platform favored by gamers, communities, businesses, and others who need to connect securely and quickly. In our recent research, Check Point Research (CPR) uncovered a flaw in Discord's invitation system that allows attackers to hijack expired or deleted invite links and secretly redirect unsuspecting users to malicious servers. Invitation links posted by trusted communities months ago on forums, social media, or official websites could now quietly lead users into the hands of cyber criminals.