Kaspersky discovers malware disguised as TikTok app alternative

July 23, 2020

With an estimated of more than 600 million downloads in the country, video sharing app TikTok, which allows user to create 15-second videos, is one of the most popular apps in India to date.

Kaspersky researchers have recently found that cybercriminals are sending users links to download malicious application to their phones. A seemingly genuine message is sent by a known contact to targets informing them about an alternative app with a download link available in place of TikTok. Named as “TikTok Pro”, once installed on a user’s device, it asks for permission to read contacts and send SMS. Then the user is asked to enter their TikTok credentials and click on the advertisement or install an advertised application – one of the ways cybercriminals earn money from app distribution.

kaspersky-discovers-malware-disguised-as-tiktok-app-alternative-1.png

The malware steals the affected users’ information and sends text with the malicious link to all numbers in the affected users’ contact book. Fortunately, the current malware modification does not steal users’ account credentials. An identical malware has been detected earlier, which was distributed under the guise of fake Jio offers.

kaspersky-discovers-malware-disguised-as-tiktok-app-alternative-2.png

kaspersky-discovers-malware-disguised-as-tiktok-app-alternative-3.png

“This activity shows that cybercriminals are increasingly intelligent and is constantly evolving according to the current landscape – they are quick to adapt and do not restrain from using ‘hot’ topics – to make themselves relevant”, noted Igor Golovin, malware analyst at Kaspersky.

"Cybercriminals understood that Tik Tok as one of the most popular apps amongst Indian consumers to date, could also be a good bait to attack the users. We urge users to follow basic cyber hygiene while online. If a user has received a link from their known contact, there is no harm in rechecking with their friend about the same or checking for its authenticity through other reliable sources. It is always better to be a little more suspicious online rather than being a victim to a cybercriminal activity", Dipesh Kaura, General Manager for South Asia, Kaspersky added.

To protect yourself form threats such as this malware, Kaspersky recommends users:

Always download applications from the official app store
Read through the list of app permissions to ensure you are aware of what information and functions the app can access on your device, which can be crucial to identify if an app is fake or not
Use a trusted cybersecurity solution like Kaspersky Internet Security for Android to secure your device

Learn more details about this malware on Securelist.com.

About Kaspersky

Kaspersky is a global cybersecurity company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 250,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Kaspersky discovers malware disguised as TikTok app alternative

Kaspersky discovers malware disguised as TikTok app alternative

About Kaspersky

Related Articles Press Releases

Kaspersky and Manipal Institute of Technology Sign MoU to Promote Cybersecurity Education and Skillsets

Meet Kaspersky Next: New flagship product line for businesses in India

Kaspersky and USI-CyberPeace Cyber CoE conduct joint cyber drill for India’s Critical Information Infrastructure (CII) industries

Kaspersky is the Official Cybersecurity Partner of Mumbai Indians for 2024

Kaspersky Fortifies Digital Resilience by adding Savex Technologies to its network of India's B2B distributors

Kaspersky and Indian Institute of Technology Bombay Sign MoU to Advance Cybersecurity Education and Research

Reckoning Esports and Kaspersky Partners to bolster Cybersecurity in Esports

Digital life deserves complete protection: Kaspersky announces early access to new and reimagined consumer product portfolio

Kaspersky's Antidrone Solution wins Aegis Graham Bell Awards for ‘Innovation in Cyber Security’

Miscommunications in IT security lead to cybersecurity incidents in 80% of Indian companies