Hackers are capitalizing on a trending TikTok challenge named ‘Invisible Challenge’ to install malware on thousands of devices and steal their passwords, Discord accounts, and, potentially, cryptocurrency wallets.
A new and trending TikTok challenge requires you to film yourself naked while using TikTok’s “Invisible Body” filter, which removes the body from the video and replaces it with a blurry background.
This challenge has led to people posting videos of them allegedly naked but obscured by the filter.
To capitalize on this, threat actors are creating TikTok videos that claim to offer a special “unfiltering” filter to remove TikTok’s body masking effect and expose the TikTokers’ nude bodies.
However, this software is fake and installs the “WASP Stealer (Discord Token Grabber)” malware, capable of stealing Discord accounts, passwords and credit cards stored on browsers, cryptocurrency wallets, and even files from a victim’s computer.
These videos received over a million views shortly after being posted, with one of the threat actor’s Discord servers amassing over 30,000 members.
