If you are a social media person, and have TikTok installed on your device, then you should have come across the popular TikTok challenge tagged “Invisible Challenge”. However, Nigeria Communication Commission has warned that you shouldn’t partake of it because it put your device at risk.
In the viral TikTok trend challenge, participants must record nak*d videos of themselves and utilize TikTok’s “Invisible Body” filter to replace their bodies with a hazy background.
The NCC warned consumers that the challenge puts their devices at risk of information-stealing malware known as the WASP (or W4SP) stealer in a statement.
The advisory said: “The Invisible Challenge involves wrapping a somewhat transparent body contouring filter around a presumed nak*d individual. Attackers are uploading videos to TikTok with a link to software that they claim can reverse the filter’s effects.
Here is How Your Device Get Infected
Those who click on the link and attempt to download the software, known as ‘unfilter,’ are infected with the WASP stealer. Suspended accounts had amassed over a million views after initially posting the videos with a link.
Following the link leads to the ‘Space Unfilter’ Discord server, which had 32,000 members at its peak but has since been removed by its creators.
“Successful installation will allow the malware to harvest keystrokes, screenshots, network activity and other information from devices where it is installed.
It may also covertly monitor user behavior and harvest Personally Identifiable Information (PII), including names and passwords, keystrokes from emails, chat programmes, websites visited, and financial activity.
“This malware may be capable of covertly collecting screenshots, video recordings, or the ability to activate any connected camera or microphone.”
How to Prevent The Malware Attack From TikTok Challenge
The Team said some ways to forestall such an attack include avoiding clicking on suspicious links, using anti-malware software on your devices, checking the app tray and removing any apps that you do not remember installing or that is dormant and embracing healthy password hygiene practices, such as using a password manager.
The CSIRT is the telecoms sector’s cyber security incidence center set up by the NCC to focus on incidents in the telecom sector as they may affect telecom consumers and citizens at large.