Cybercriminals tend to be very aware of trends and try to attack with malware where the most possible victims can be found. In this sense, few virtual places are more popular right now than the TikTok video social network.
Specifically, what cybercriminals are taking advantage of to try to sneak in their malware are the platform’s viral challenges and specifically one called the “Invisible Challenge” .
The viral danger of the Invisible Challenge
This TikTok challenge consists of applying a filter known as “Invisible Body” that only leaves behind a silhouette of the person’s body. In this way, the optical effect of invisibility is created. Beyond the fact that the result is certainly not very credible, it has an added danger.
Some people who have posted videos of this type assure that they have done so naked and, since we can only see a silhouette, it could be true and we would not know it. The thing is, hackers are exploiting TikTok’s “Invisible Body Challenge” to spread malware that can steal data from the person downloading it.
How? Well, by posting TikTok links and videos in which software that can remove the filter is promoted, but in reality it is malware that can be used for a multitude of data thefts by infecting a device with as much sensitive information as the smartphone.
It does not serve to remove the filter; it’s a malware
As you can guess, the software is fake and all they really get is a piece of malware called “WASP Stealer (Discord Token Grabber)”, which is used to harvest Discord account details, stored credit cards, passwords, wallets, etc. cryptocurrencies and other files on your computer, according to the security company CyberSmart.
«With the advent of social networks, distributing information has never been easier. The short and shareable format of TikTok videos means that content can go viral quickly, attracting thousands, if not millions, of views in a short period of time. It is not surprising then that cybercriminals are willing to take advantage of these trends as a vehicle for their scams.
The Invisible Challenge where individuals are supposedly filmed naked, blurred only by a filter, places many in a vulnerable position. By offering a potential tool that could “unfilter” the effect, threat actors take advantage of people’s curiosity, fear, and even the malicious side to download it. Of course, by then, they will know that the attackers’ claims are false and that the malware is already installed.
It is important for all users to be careful about the links they click and the files they download on social media. If it’s too good to be true, it probably isn’t . Also, it’s a reminder to be aware that anything shared on the Internet tends to stay on the Internet. Think twice about what you upload, considering how it could make you vulnerable.”