Hackers are taking advantage of the TikTok invisible body challenge, to infect hundreds of devices with malware and steal users’ passwords, Discord accounts, and perhaps cryptocurrency wallets.
Using TikTok’s “Invisible Body” filter to erase your body from the video and replace it with a hazy background as part of a new and popular TikTok challenge. There are thousands of posts related to the trend in TikTok. You can check the challenge from the post of TikTok user @.lavondrius:
@.lavondrius the north remembers #fypシ #invisiblebody #spyxfamily #invisible #gameofthrones #xyzcba #foryou
The challenge is fun and all but hackers are taking advantage of this challenge by making TikTok movies that advertise a unique “unfiltering” filter that would do rid of TikTok’s body-masking feature and reveal the users’ nude bodies.
However, the “WASP Stealer (Discord Token Grabber)” malware, which can steal data from a victim’s computer and passwords, credit card information, and Discord accounts stored on browsers, is installed by this phony software.
Hackers are targeting the TikTok Invisible body challenge
Recent research discovered two TikTok videos released by the attackers that swiftly garnered over a million combined views, according to a recent analysis by cybersecurity company Checkmarx.
The videos were produced by the now-suspended TikTok users @learncyber and @kodibtc to advertise a software application to “remove invisible body filter” made available on a Discord server called “Space Unfilter”
Checkmarx reports that the threat actors once had about 32,000 members but have since migrated their Discord server.
When the victims sign up for the Discord server, a bot posts a link that directs them to a GitHub repository that contains the virus.
The malicious source, which has subsequently been renamed but still has 103 stars and 18 forks, has become a “trending GitHub project” as a result of this attack’s overwhelming success.
Attackers used a Phyton package
The project files included both a ReadMe file that connects to a YouTube video with installation instructions for the TikTok “unfilter” tool and a Windows batch file (.bat) that, when run, installs a malicious Python program (WASP downloader).
The use of numerous Python packages hosted on PyPI by the attackers, including “TikTok-filter-api”, “pyshftuler”, “pyiopcs,” and “pydesings,” was uncovered by Checkmarx analysts. New packages were added whenever the older ones were identified and removed.
To make their project appear legitimate, the attackers also employ PyPI’s “StarJacking” approach by tying it to a well-known GitHub project that they are not affiliated with.
The checkmarx report on November 28 said:
“It seems this attack is ongoing, and whenever the security team at Python deletes his packages, he quickly improvises and creates a new identity or simply uses a different name,”
“These attacks demonstrate again that cyber attackers have started to focus their attention on the open-source package ecosystem; We believe this trend will only accelerate in 2023.”
Why did hackers target TikTok Invisible Body Challenge?
The TikTok hashtag #invisiblefilter has had over 27 million views so far, making this a very well-liked trend making it a great environment for hackers to reach.
In the TikTok invisible body challenge, users put on a filter that works similarly to green screen effects so that their skin tone blends in with the surroundings. As a result, only your rendered body and clothing are visible.
Many people questioned whether it was possible to remove the filter from videos and view the original clip without it so hackers came up with the idea to prepare a masked virus that claims it can remove that filter.
We hope you were not affected by this software. Please do not trust the posts on social media platforms that direct you to external sites and say that you need to download some files for any function to work. If you would like to read more about TikTok trends check out our article on How to use the explosion filter on TikTok?