TikTok Invisible Body challenge deployed to steal data

Security researchers have raised concerns about the personal risks of participating in the Invisible Challenge, a viral TikTok challenge that involves a person filming themselves naked while using an effect called Invisible Body that removes the body from the video.

This is because threat actors have exploited it with a reported unfilter software that is meant to show the nudes but in reality, targets users to spread data-stealing malware.

The challenge has piqued the interest of malicious actors, who are using it to distribute data-stealing malware disguised as a software app called Unfilter, which claims to allow users to view original, uncensored videos.

According to Checkmarx security researchers, soon after the Invisible Challenge became popular, miscreants began posting TikTok videos with links to fake “unfilter” software that claims to remove the invisible filter and reveal the naked video creator.

WASP Stealer (Discord Token Grabber), an infostealer that targets Discord accounts, other credentials, and credit card data stored in victims’ web browsers, cryptocurrency wallets, and other files, is installed by the unfilter software. The campaign appeared to be linked to other malicious Python packages, and some of the code may have been stolen from a legitimate package via StarJacking, which involves hijacking the legitimate package’s GitHub Stars rating to make it appear more popular than it is.

The sources for this piece include an article in TheRegister.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web