Cybercriminals took advantage of this challenge on TikTok to spy on cell phones and PCs

FILE PHOTO: TikTok app logo is seen in this illustration taken, August 22, 2022. REUTERS/Dado Ruvic/Illustration/File Photo

A campaign generated by was detected cybercriminalswho take advantage of the “Invisible Challenge” born in TikTok, to invite people to download a code of software malicious and infect your computers.

The high diffusion of this campaign of malware is because the challenge of platform of video consists of applying a filter called “invisible body” to a video in which people naked they pose in front of the camera while the effect completely erases their body and users cannot see them.

Invisible body challenge on TikTok.  (Checkmarx)
Invisible body challenge on TikTok. (Checkmarx)

As a result of the morbidity that it produces in the users of TikTokthe process of infection starts with the publication of some videos in which software is promoted, which promises to withdraw the filter so that the naked bodies of the users can be seen.

According to the company security Checkmarx, a group of profiles within the video platform include links direct to a server discord in which people will supposedly be able to to download the promised program. To increase credibility, the server chat will show videos various of women who supposedly used the filter of TikTok but which was removed with the help of the software that you want to download.

Once inside the group, a bot will be in charge of sending a specific download link of the program hosted on the platform by private message. GitHuba platform code creation software.

Discord bot sends malware link of invisible body challenge on TikTok. (Checkmarx)

When the user clicks on the link sent by the bot You will be redirected to the page GitHub where is he supposedly staying ProgramHowever, despite the fact that positive comments can be seen that can convince a person of to download the program, these are fake and written to create the urge to install it.

The cybersecurity company indicated that the codewhich is written in the programming language pythonit was removed several times, but the person who created it continues to create new ones versions with different identities and have generated more than 30,000 downloads and installations until November 28, 2022.

On the other hand, it can be seen that a video of Youtube in which the cybercriminals show users the “correct” procedure for installing the software malicious, so they make sure that people have a need to incorporate it into their system his devices.

YouTube video shows how to install the invisible body challenge malware on TikTok. (Checkmarx)

For the Checkmarx team, the level of handling that is currently used in the strategy of the cybercriminals is capable of increasing as new methods of cyber attacks are invented and the delinquents “They get smarter.”

In addition, according to its official website, the campaign of malware is still active today due to the creator’s insistence on republishing the code within GitHuba way that “we believe will be a trend and will accelerate in the year 2023″.

The best way to prevent this type of attack is for users to be informed about the new forms that the cybercriminals to infect electronic devices and avoid downloads of digital content from untrustworthy sources or presenting suspicious comments that generate the push for install it.

Keep reading:

Exit mobile version