The Nigerian Communications Commission Computer Security Incident Response Team (NCC-CSIRT) warned of the potential harm of participating in the unseen challenge on the short-form video hosting service, TikTok.
The NCC-CSIRT advisory said that threat actors took advantage of the virus unseen challenge to spread an information-stealing malware known as WASP Stealer (or W4SP).
The WASP stealer, which has a high probability with critical damage potential, is a persistent malware hosted on Discord that, according to its developer, is undetectable.
how does it work: The NCC-CSIRT explained that the Stealth Challenge involves wrapping a somewhat transparent body contouring filter around a presumed nude individual.
The attackers are uploading videos to TikTok with a link to software they claim can reverse the effects of the filter.
The news continues after this announcement.
- “Those who click on the link and try to download the software, known as “unfilter”, are infected with the WASP stealer. The suspended accounts racked up more than a million views after initially posting the videos with a link. Following the link leads to the “Space Unfilter” Discord server, which had 32,000 members at its peak but has since been taken down by its creators.
- “Successful installation will allow the malware to collect keystrokes, screenshots, network activity, and other information from the devices where it is installed. It can also covertly monitor user behavior and collect personally identifiable information (PII), including names and passwords, email keystrokes, chat programs, websites visited, and financial activity. This malware may be capable of covertly collecting screenshots, video recordings, or the ability to activate any connected cameras or microphones. explained the regulator.
Preventive measures: The team said some of the ways to prevent such an attack include avoiding clicking on suspicious links, using anti-malware software on your devices, checking your app tray, and removing any apps you don’t remember installing or are inactive, and adopt healthy password hygiene practices, such as using a password manager.