This TikTok Thirst Trap Is Tricking People Into Downloading Malware

TikTok’s latest trend is the “invisible body” challenge, in which users post seemingly nude videos of themselves obscured with filters. Unsurprisingly, some users are curious whether there are ways to remove the filters from said videos to reveal the...

This TikTok Thirst Trap Is Tricking People Into Downloading Malware

Image for article titled This TikTok Thirst Trap Is Tricking People Into Downloading Malware

TikTok’s latest trend is the “invisible body” challenge, in which users post seemingly nude videos of themselves obscured with filters. Unsurprisingly, some users are curious whether there are ways to remove the filters from said videos to reveal the uploader’s naked bodies, and they are downloading third-party software to do it.

I hate to be the bearer of bad news, but there is no way to “unfilter” a downloaded TikTok video. Trying to do so is a great way to become a victim yourself, however, as opportunistic hackers have jumped on the trend and are distributing a fake app called “TikTok unfilter” that claims to unscramble the invisible body filter. Really, it just infects your devices with malware.

A literal thirst trap

Scammers advertise the fake app on TikTok videos that link to a Discord server called “Space unfilter.” The server then takes you to a GitHub download page. To appear legit, the hackers cloned a real GitHub project but modified it to install the “WASP Stealer” malware.

WASP Stealer is a particularly dangerous malware strain. Once it’s installed on your device, it can copy financial information from browsers, hijack Discord login credentials, and even steal cryptocurrency or locally-stored files. Bleeping Computer has a full breakdown of how the malware works if you’re interested in the gory details.

According to a report from the Checkmarx cyber security firm, TikTok banned at least two profiles advertising the Space Unfiltered Discord server, but not before both gained over a million combined views. The Discord server had at least 32,000 users at one point, and the TikTok Unfilter repository racked up enough downloads to rank on GitHub’s trending projects list. The server has also shut down, but it’s likely the hackers simply made a new community instead, and is still active.

G/O Media may get a commission

Meta Quest 2 Bundle

13% Off

Meta Quest 2 Bundle

Enter a new reality
This bundle packs in the Meta Quest VR headset itself, two controllers, Beat Saber, and Resident Evil 4 as well, which is everything you need to have a good time.

Too good to be true

Despite the real threat this malware poses to TikTok users, it’s easily avoidable: Just don’t click on links promising to uncover someone’s “nude” video, which is impossible anyway—TikTok only records one version of a video, and if a filter is applied, it can’t be removed. There’s no hidden “nakedness data” the app can reveal, even if the person was, in fact, totally nude when they filmed it. Think about it: It would be a legal nightmare for TikTok if such a thing were possible. I guess you’ll have to use your imagination instead, or try one of the many much safer and legal ways to find naked people on the internet.

That said, if you did already download an unfilter app, you probably downloaded malware. Use a trusted anti-malware app to remove the files, update your passwords everywhere, and monitor your Discord profile, banking accounts, and credit report for strange activity.

[Bleeping Computer]