Beware! The Invisible Challenge On TikTok Is Being Used to Spread Information-Stealing Malware: NCC

The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has warned that the Invisible Challenge on short video hosting service, TikTok, is a ploy by hackers and threat actors to infect devices with information-stealing Malware.

According to the NCC-CSIRT, the information-stealing Malware known as the WASP (or W4SP) stealer, is being stealthily spread by threat actors who have taken advantage of a viral TikTok challenge, known as the Invisible Challenge.

The WASP stealer is high in probability with critical damage potential. It is also a persistent malware hosted on discord that its developer claim is undetectable.

The Invisible Challenge involves wrapping a somewhat transparent body contouring filter around presumed naked individuals and "attackers are uploading videos to TikTok with a link to software that they claim can reverse the filter’s effects," the NCC-CSIRT said.

“Those who click on the link and attempt to download the software, known as "unfilter," are infected with the WASP stealer," the commission added.

When successfully installed, the malware harvests keystrokes, screenshots, network activity, and other information from devices where it is installed.

The WASP stealer may also covertly monitor user behaviour and harvest Personally Identifiable Information (PII), including names and passwords, keystrokes from emails, chat programs, websites visited, and financial activity, according to the commission.

The Team said some ways to forestall such an attack include

The commission recommends that suspicious links be avoided, the use of anti-malware software on your devices, check app trays and removing any apps that you do not remember installing or that are dormant, and embracing healthy password hygiene practices such as using a password manager.

The CSIRT is the telecom sector’s cyber security incidence centre set up by the NCC to focus on incidents in the telecom sector and as they may affect telecom consumers and citizens at large.

Leave a Reply

Your email address will not be published.