Hackers are using TikTok’s ‘Invisible Body’ challenge to push mallware

Hackers are using TikTok's ‘Invisible Body’ challenge to push mallware

Hackers are using fake ‘unfiltering’ apps to push malware during TikTok’s ‘Invisible Body Challenge’ craze

TikTok’s ‘Invisible body’ challenge has proved to be incredibly popular, pushing over 3 billion views on the app so far. For the uninitiated, the challenge asks Tiktokers to film themselves while naked using the ‘Invisible Body’ filter, which will remove their body from videos and replace it with a blurry background. 

Hackers have been moving to exploit this trend, capitalising on the trend in an attempt to install malware on thousands of devices. Currently, Hackers are trying to get TikTok users to install fake apps that will discretely install malware like the “WASP Stealer” on the devices of users, which is capable of stealing the passwords, Discord accounts, credit card information, and cryptocurrency wallets, and files from users. 

The hack mentioned above capitalises on TikTok’s ‘Invisible Body’ trend by offering users specialised ‘unfiltering apps’ that can allegedly remove TikTok ‘Invisible body’ effect and reveal the naked bodies of TikTokers. These applications are fake, and TikTok users should not install them under any circumstances. Let’s be honest folks, if that’s the kind of thing you are after, there are easier ways to find those kinds of videos.

TikTok’s ‘Invisible Body’ filter has been available for years now, but the feature has only recently been used broadly to obscure the nudity of TikTokers en masse. This is what has prompted hackers to exploit the trend, as many TikTok users are curious to see what is underneath the app’s filter. Below is an example of a thumbnail that is used to push a fake filter remover. Videos like these are now available all widely on YouTube and TikTok, with some new channels being dedicated to them. 

Hackers are using TikTok's ‘Invisible Body’ challenge to push mallware

(An thumbnail for an alleged “unfiltering” video)

Hackers are always keen to utilise the popularity of viral videos or trends to trick internet users into installing malware onto their devices. This new ‘unfiltering app’ attack vector is now the newest reminder that internet users should be careful about the links they follow or files they download through social media apps. As always, be careful on the internet.

Below is a statement from Jamie Akhtar, CEO and co-founder of CyberSmart regarding this matter.

    With the advent of social media, distributing information has never been easier. The short and shareable format of TikTok’s videos means content can quickly go viral, attracting thousands, if not millions, of eyeballs in a short span of time. It is no wonder then that cybercriminals will be keen to jump on these trends as a vehicle for their scams.

The Invisible Challenge where individuals film themselves naked, blurred out only by a filter, puts many in a vulnerable position. By offering a potential tool that could ‘unfilter’ the effect, threat actors prey on people’s curiosity, fear, and even their malicious side to download it. Of course, by then, they’ll learn the attackers claims are false and malware is installed.

It is important that all users are careful about what links they click and files they download on social media. If it’s too good to be true, it probably is. Moreover, it’s a reminder to be conscious that whatever is shared on the internet tends to stay on the internet. Think twice about what you upload, considering how it might make you vulnerable

You can join the discussion on the hackers that are attempting to exploit TikTok’s ‘Invisible body’ trend on the OC3D Forums.