With an estimated of more than 600 million downloads in the country, video sharing app TikTok, which allows user to create 15-second videos, is one of the most popular apps in India to date.
Kaspersky researchers have recently found that cybercriminals are sending users links to download malicious application to their phones. A seemingly genuine message is sent by a known contact to targets informing them about an alternative app with a download link available in place of TikTok. Named as “TikTok Pro”, once installed on a user’s device, it asks for permission to read contacts and send SMS. Then the user is asked to enter their TikTok credentials and click on the advertisement or install an advertised application – one of the ways cybercriminals earn money from app distribution.
The malware steals the affected users’ information and sends text with the malicious link to all numbers in the affected users’ contact book. Fortunately, the current malware modification does not steal users’ account credentials. An identical malware has been detected earlier, which was distributed under the guise of fake Jio offers.
“This activity shows that cybercriminals are increasingly intelligent and is constantly evolving according to the current landscape – they are quick to adapt and do not restrain from using ‘hot’ topics – to make themselves relevant”, noted Igor Golovin, malware analyst at Kaspersky.
"Cybercriminals understood that Tik Tok as one of the most popular apps amongst Indian consumers to date, could also be a good bait to attack the users. We urge users to follow basic cyber hygiene while online. If a user has received a link from their known contact, there is no harm in rechecking with their friend about the same or checking for its authenticity through other reliable sources. It is always better to be a little more suspicious online rather than being a victim to a cybercriminal activity", Dipesh Kaura, General Manager for South Asia, Kaspersky added.
To protect yourself form threats such as this malware, Kaspersky recommends users:
Learn more details about this malware on Securelist.com.