No VPN found

Hackers Use TikTok Trend to Spread Malware

Hackers Use TikTok Trend to Spread Malware
Dec 29, 2022
Invisiblefilter trend on Tiktok plays a malware distribution center role for Hackers. TikTok users are the targets of cybercriminals.
Oguz Dagli
Hackers Use TikTok Trend to Spread Malware - FastVPN
Cybercrime is a big deal these days. It refers to any illegal activity that involves the use of the internet, computer systems, or related technologies. This can include things like hacking into systems to steal sensitive information, spreading malware to disrupt or damage computer systems, or using the internet to facilitate other types of illegal activity, like fraud or identity theft.
Cybercriminals are taking advantage of a popular trend on TikTok called the "Invisible Challenge." In this challenge, people film themselves naked while using a filter that removes their bodies from the video. The result is a blurred, contour image that appears to be invisible. These videos are tagged with the hashtag #invisiblefilter and have garnered millions of views.
The popularity of the Invisible Challenge has caught the attention of cybercriminals, who have created fake "unfilter" software that claims to remove the invisible filter and show the naked video creator. They are promoting this software through TikTok videos with links to a Discord server, where users can download the software. The Discord server is called "Space Unfilter" and has already attracted more than 30,000 members.
“The high number of users tempted to join this Discord server and potentially install this malware is concerning,” wrote Nachshon and Folkman. “The level of manipulation used by software supply chain attackers is increasing as attackers become increasingly clever.”
However, the software that is being promoted through these TikTok videos and the Discord server contains malicious files. Specifically, it includes a .bat script that installs a Python package with a WASP stealer hidden inside. After tricking people into downloading the malware, the cybercriminals have access to the victim's device, including their Discord passwords and contacts. They can then use this information to spoof the victim and scam their contacts.
The malware attack appears to be ongoing, with the cybercriminals using different names and identities to evade detection. Researchers at Checkmarx, who have been tracking this attack, have noted that the cybercriminals are quick to improvise and create new identities or use different names whenever their packages are deleted by the security team.
The attackers may have used a technique called StarJacking to make the legitimate package seem more popular than it actually is. This involves hijacking the package's GitHub Stars rating. They also reportedly sent new sign-ups a private message from a bot account asking them to give a review to the GitHub repository. As a result of this, the repository has gained the status of a trending project.
Security experts mentioned that “The invisible body filter is designed specifically to elicit an emotional response, which is why it’s a trend at the moment. The criminals know that the lure of potentially being able to reverse the filter would be too great for many to resist, and they are right.
This attack serves as a cautionary tale for TikTok users to be careful about downloading untrusted third-party software and to be mindful of how much access TikTok has to their data and devices. It is also a reminder for all users to be cautious about clicking on links and downloading software from unfamiliar sources, as it could potentially put their devices and personal information at risk.
The consequences of cybercrime can be pretty severe. Victims might suffer financial losses or damage to their reputations. That's why it's important to be aware of the risks of cybercrime and to take steps to protect yourself. You can use strong passwords, install a VPN, and be cautious about opening emails or links from unknown sources. Stay safe out there!
This website uses cookies to improve the user experience. To learn more about our cookie policy or withdraw from it, please check our Privacy Policy.