World Cybercriminals Take ADVANTAGE Of TikTok Challenges 19, Here's The Motive!
JAKARTA - Cybercriminals are back in action. This time they took advantage of TikTok's trending challenges and dirty thoughts of the audience, to spread data thief malware through fake apps.
So far, the video has been viewed more than a million times.
The new TikTok trend is called the Palang Challenge, where a person has to record himself naked while using the effect called theten Body which removes the body from the video.
So, the malware in question claims to remove filters and see the original body of the recorder, but what actually happens is that it will only see blurry contour images.
Like many other TikTok challenges, these challenges quickly became popular with the hashtag #invisiblebody being watched more than 24 million times. Similarly, GitHub's repositories used to distribute malware rose to the top of the trending repositories list.
However, cybercriminals quickly capitalize on it, create videos promoting how to remove filters and view original unedited clips.
In the description of the video, there is a link to the Discord server where the user is directed to the second link, which leads to GitHub. There, users are told that they can download the actual unfiltering filter is the WASP Stealer malware (Discord Token Grabbber).
This tool steals people's Discord accounts, passwords, credit card information stored in browsers, crypto wallets and even people's files.
According to BleepingComputer quoted from TechRadar, Saturday, December 3, only two videos promoting counterfeit tools were viewed more than one million times, and one Discord server has garnered more than 30,000 people.
A simple Google search for the keyword "TikTokten Body" is now also presenting dozens of videos promoting the fake filter remover.
WASP is hosted on GitHub, and as soon as the video hits the web, its status becomes a trending GitHub project.
Now, both GitHub and TikTok are quickly removing accounts promoting the scheme from their platforms. However, the cybercriminals appear to have returned quickly, using different project accounts and names.