Date: 2022-11-30

Challenges are so common on TikTok that they already attract the attention of hackers. A challenge that asks participants to use the Invisible Body filter to hide their alleged nudity has been used to spread malware. The threat is capable of capturing passwords and even Discord accounts.

The Invisible Body challenge encourages users to record a video in which they appear naked. They then apply the Invisible Body filter so that the image of their body is replaced by a blurred background.

It is a joke that stirs the imagination of TikTok users. Aware of this, a hacker group had an idea: to offer a second filter, this one to remove the Invisible Body effect. This would supposedly expose the nudity of the challenge participants.

There’s only one problem: that second filter is fake.

A “filter” that steals data

The fake filter was being promoted through videos on TikTok itself. At least two profiles have already been suspended from the social network for promoting it. Despite this, their reach was large. BleepingComputer reports that the videos had, together, more than 1 million views.

This number was verified by the digital security company Checkmarx, which says that the videos attracted about 32 thousand people to a server on Discord. There, users were shown a link, posted by a bot, that led to a repository on GitHub.

Videos promoting the fake filter (image: Disclosure/Checkmarx)

Yes, the repository was created to host the malware. It became so popular that it gained trending project status on GitHub. Checkmarx says that the package available there had a .bat script that installed a malicious file written in Python.

There was also a readme file that contained a link to a YouTube tutorial teaching the user how to install the alleged filter.

A user who followed the steps would end up installing the WASP malware on their computer, which tries to capture Discord accounts, passwords or credit card numbers stored in the browser. The threat can also capture cryptocurrency wallets or existing files on the victim’s machine.

Fortunately, the TikTok accounts promoting the trick, the tutorial on YouTube and the repository on GitHub have since been deleted. But it’s good to stay alert. There is a good chance that the malicious campaign will continue through new links.