A TikTok challenge has been jumped on by cybercriminals, who are taking advantage of its popularity to try to trick people into downloading malware that steals their information.
The Invisible Challenge sees people use a filter to make their body appear see through, leaving just the silhouette visible. Some people are using the filter and then taking their clothes off on screen. They’re naked, but the user doesn’t see that because they are “invisible”.
Naturally, that’s left some people wondering if they can remove the filter, after posting, in order to see the person actually naked.
Enter the scammers.
Malware
According to researchers at Checkmarx, attackers posted online that they had created an app that was able to remove the invisible body filter. All interested parties need to do is join the Discord server discord.gg/unfilter to get the app.
Once they joining the Discord server, they are shown videos that supposedly show the results of the filter removing software. However, instead of installing the app, what they actually get is a WASP information stealer, which searches the infected device for passwords, cryptowallets, credit cards, Discord accounts, and any other files that might be interesting, and sends all of it to the attacker.
Then they’ll receive a private message from a bot account asking them to give a star to the GitHub repository. The repository had at least 103 stars which may be a good indicator for the number of victims that installed the stealer.
Don’t fall for it
Ever since the discovery, several elements of the attack have been reported and removed, but it doesn’t seem like the attackers are ready to give up on this profitable project. So, whatever you do, don’t follow up on the claims that the invisible filter can be removed. Also, if someone’s used an invisible filter, thats because they don’t want you to see the “invisible” portion, so don’t try to find a workaround.
If you’re using the filter yourself, it also works if you keep your clothes on. That way, if anyone actually finds a way to remove the filter, you won’t have caught yourself on camera.
Better yet, stay away from TikTok altogether.
If you think you’ve been infected with the information stealer yourself, you should change the passwords that were stored in your browsers.
Also change or add 2FA to your online accounts wherever you can, and keep an eye on your bank and credit card statements.
Malwarebytes
Malwarebytes blocks the IP address where the WASP stealer is hosted.
Stay safe, everyone!
We don’t just report on threats—we remove them
Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.