Security News > 2022 > November > Hackers Using Trending TikTok 'Invisible Challenge' to Spread Malware
Threat actors are capitalizing on a popular TikTok challenge to trick users into downloading information-stealing malware, according to new research from Checkmarx.
The trend, called Invisible Challenge, involves applying a filter called Invisible Body that just leaves behind a silhouette of the person's body.
"Instructions to get the 'unfilter' software deploy WASP stealer malware hiding inside malicious Python packages," Checkmarx researcher Guy Nachshon said in a Monday analysis.
The WASP stealer is a malware that's designed to steal users' passwords, Discord accounts, cryptocurrency wallets, and other sensitive information.
Victims joining the Discord server subsequently receive a link to a GitHub repository that hosts the malware.
The attacker has since renamed the project to "Nitro-generator" but not before it landed on GitHub's Trending repositories list for November 27, 2022, by urging the new members on Discord to star the project.
News URL
https://thehackernews.com/2022/11/hackers-using-trending-invisible.html
Related news
- Russia-Linked Hackers Target Kazakhstan in Espionage Campaign with HATVIBE Malware (source)
- Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer (source)
- Hacker infects 18,000 "script kiddies" with fake malware builder (source)
- North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS (source)
- Hackers exploit SimpleHelp RMM flaws to deploy Sliver malware (source)
- North Korean hackers spotted using ClickFix tactic to deliver malware (source)
- North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malware (source)
- Chinese hackers use custom malware to spy on US telecom networks (source)