'Tik Tok Pro' Malware

Posted: September 10, 2020

The 'Tik Tok Pro' Malware is spyware that compromises Android devices and collects information, mainly, but not exclusively, Facebook logins. The Trojan's campaign disguises its installer as one for a premium version of the TikTok video-sharing application. Users can protect themselves by avoiding unofficial application links (such as those outside of curated storefronts) and letting their anti-malware solutions remove the 'Tik Tok Pro' Malware as they detect it.

The Tick-Tock Countdown to Filched Passwords

Threat actors can use both politics and business trends for their pet interests, such as collecting information and making money illicitly. The 'Tik Tok Pro' Malware accomplishes these two goals with a hiding place that takes advantage of hot anticipation of an upcoming ban on the TikTok video-sharing application. The legitimate TikTok application isn't malware but often garners disapproval from various governments, due to its Chinese affiliation and data-sharing policies.

The 'Tik Tok Pro' Malware's campaign is a re-tooling of a previous one that uses the same infection method: tricking users into installing a fake, 'pro' version of TikTok through SMS and WhatsApp links to corrupted websites. The earlier attacks installed a minor data collector with bundled adware features. The 'Tik Tok Pro' Malware is a significant change, with a highly-upgraded spyware payload. It also, interestingly, shows some similarities to previous spyware (Spymax and Spynote) even though it isn't a direct copy-paste job.

While malware experts note other data-collecting attacks from the 'Tik Tok Pro' Malware, it reserves its most distinguishing one for Facebook users: it creates a fake login page that collects any credentials that the user enters. Besides this sophisticated phishing attack, it also may hijack standard device functions for Android devices, including:

  • Loading other (possibly threatening) applications
  • Taking screenshots
  • Initiating phone calls and SMS text messages
  • Executing miscellaneous system commands

As usual, most of these features occur without any visual evidence for the phone's owner.

How a Non-Working Application Stays Out of Sight

The 'Tik Tok Pro' Malware doesn't include a real version of TikTok in its installation tactic. However, the attack displays a fake notification, which distracts the user while the application removes its visible UI elements. The 'Tik Tok Pro' Malware installer also drops a dummy or decoy file that might trick some cyber-security products into considering it a real application. The 'Tik Tok Pro' Malware is Android-specific and not a danger to other devices, although attackers may compromise accounts and access new hardware in that roundabout way.

Users who limit their application downloads to mostly-safe storefronts like Google's Play Store aren't at risk from the 'Tik Tok Pro' Malware campaign, for now. Those dealing with infections should disconnect their devices from all networks and change passwords for possibly-compromised accounts, including Facebook. Checking software for recent reviews offers another way of identifying a possible threat, even on Web application repositories.

Users should also update any relevant anti-malware services to remove the 'Tik Tok Pro' Malware with a minimum of trouble.

What's worth a headline in social media news can become a Trojan's phishing lure in another Web page. Users shouldn't rush headlong into downloading free solutions to government bans since doing so can land their phones (and data) at the bottom of a deadly fall.
