Serviceteam IT Security News

Attackers are creating fake links for the video-sharing application TikTok, which contain malware to capture user’s data.

According to Money Control, police in India have issued a warning about TikTok links, after links were sent through WhatsApp and SMS.

The attackers promote a ‘professional’ version of TikTok to Indian users, after the application was banned in the country earlier this year.

Christoph Hebeisen, director of security intelligence at Lookout, said: “When legitimate, popular channels to acquire a popular app are blocked for whatever reason, it presents an opportunity for malicious actors to lure victims by promising a way around the restriction.

“The removal of the TikTok app from both Google Play and the Apple App Store in India has created a similar situation. Users should limit their risk by only installing apps from the official app stores and using mobile security as an added layer of protection.”

The message was first spotted by Times of India and it read: “Enjoy Tiktok video and create creative videos once again. Now TikTok is only available in (TikTok Pro) then download from below.” This message has a link to download the TikTok Pro APK file.

After downloading, the app icon appears as the TikTok app and asks for permissions to functions including camera, image gallery and microphone. After you provide these permissions, the app doesn’t function and simply stays on your phone.

Chris Hauk, consumer privacy champion at Pixel Privacy, said phishing attacks like these will continue to prove to be fruitful until users are educated on the risks of clicking links in text messages, WhatsApp messages and emails. “When users are looking to download apps like TikTok they will find that legitimate sources of the apps will not ask for personal or financial information before allowing them to download a free app,” he said.

“As for myself, I would also be concerned as to what TikTok does with my data after I install the app, as it has been found to spy on the clipboard on iOS devices.”

Source: Infosecurity Magazine

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101, use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!