Security experts have warned that TikTok accounts are being used to promote scam apps for download on both the Google Play Store and Apple’s App Store.
AVAST IDENTIFIES ADWARE SCAM APPS
An investigation by Avast found multiple TikTok profiles promoting the apps to users across the world despite the fact they were scamming victims out of their money.
The company says it has identified seven adware scam apps available on both the iOS and Android app stores which have collectively been downloaded more than 2.4 million times.
TIKTOK SCAM APPS
Avast found at least three TikTok profiles promoting the apps, one of which has more than 300,000 followers as well as an Instagram profile with more than 5,000 followers.
The company was alerted to the scam after a child reported a TikTok profile promoting what appeared to be a suspicious app to Avast’s Be Safe Online project in the Czech Republic which educates children on how to stay safe online.
MALICIOUS APPS OFFERING UNREALISTIC FEATURES
The malicious apps, which all seem to be developed by the same person or group were the following:
• ThemeZone – Shawky App Free – Shock My Friends (Android)
• Tap Roulette ++Shock my Friend (Android)
• Ultimate Music Downloader – Free Download Music (Android)
• Shock My Friends – Satuna (iOS)
• 666 Time (iOS)
• ThemeZone – Live Wallpapers (iOS)
• Shock my Friend Tap Roulette v (iOS)
The apps all offered basic or unrealistic features. This includes simple games that claim to shock players as well as aggressively delivering ads to users unlucky enough to download.
Many of the apps were Hidden Ads Trojans that disguised itself as a safe and useful application. It serves intrusive ads outside of the app and hides the original app icon making it difficult for users to identify where the ads are being coming from.
Jakub Vávra, threat analyst at Avast said, “We thank the young girl who reported the TikTok profile to us. Her awareness and responsible action is the kind of commitment we should all show to make the cyber world a safer place.”
MALICIOUS APPS ARE BEING PROMOTED ON SOCIAL MEDIA
“The apps we discovered are scams and violate both Google’s and Apple’s app policies by either making misleading claims around app functionalities, or serving ads outside of the app and hiding the original app icon soon after the app is installed.
“It is particularly concerning that the apps are being promoted on social media platforms popular among younger kids, who may not recognise some of the red flags surrounding the apps and therefore may fall for them,” Vávra said.
Avast says it has reported the apps to Apple and Google and has reported the profiles to TikTok and Instagram.
Read the original article on The South African