TikTok scam messages getting circulated via socials, beware of malware and potential data breaches

Continue reading
After the government banned TikTok in India along with 58 other prominent Chinese-origin apps, miscreants are now taking advantage of TikTok 's success by spreading malware on its behalf. It is advised to ignore and not click on any such links, that is if you come across any message that claims TikTok is now available in India as TikTok Pro through WhatsApp or SMS.
Although the official TikTok app remains blocked in India, cybercriminals spread a malware called TikTok Pro via text messages from SMS and WhatsApp. The message reads -- Enjoy Tiktok video, and once again make creative videos. Now TikTok can only be downloaded from below in (TikTok Pro). -- a link for downloading the TikTok Pro APK file is also attached to this message.
The icon appears as the original TikTok app after you download this app, and asks for permissions for the camera, image gallery, microphone, and others. But after you've granted those permissions, the app doesn't work and just sits on your computer. Since it isn't available on Google Play and you'll need to download the APK file to install it, apps like these can easily steal user IDs from other popular social media accounts.
After cybersecurity firm Evina alerted Google that these apps were stealing user login details from Facebook, roughly 25 Android apps have been removed from Google Play store. These 25 apps had over 2 million downloads in total, and mainly provided features such as file managers, flashlights, wallpaper management, screenshot editor, and weather. The apps came with a malware that kept your Facebook login details record when you were using them on your phone.
It is strongly recommended that users do not download any APK files that resemble TikTok services or any other common apps that the government recently banned as these may be disguised as malware.

A single ClickFix infrastructure is pushing StealC, Amatera, Remus, NetSupport, CastleLoader and a new loader called ResiLoader through fake Google/Cloudflare checks.