Attackers are exploiting fears about a possible TikTok ban in the U.S. to push Android spyware hiding in a "TikTok Pro" app. The spyware can take over Android device functions and create a phishing site to steal Facebook credentials. The attackers are urging victims via SMS and WhatsApp messages to download the bogus TikTok Pro app from a specific web address, according to Shivang Desai, chief information security officer and vice president of security at Zscaler.
More from Zscaler:
- When a victim tries to open the app, it launches a fake notification as a distraction while the malware hides itself on the Android device.
- The malware launches as an Android service named MainService, which then controls the device based on commands sent by the attackers' command and control server.
- To prevent malware infection, Zscaler advises Android users to install apps only from Google Play, never click on unknown links, and keep the "unknown sources" option disabled so that apps from outside the store cannot be installed.
- China unveiled a new data security initiative in retaliation for the Trump administration's efforts to limit the ability of Chinese companies to access the U.S. market.
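The advice above to install only from Google Play can be audited on a device you manage. The following is an added example, not code from Zscaler or the original article: it parses the output of `adb shell pm list packages -3 -i` and flags third-party apps whose recorded installer is not the Play Store. The sample output and package names are constructed, and treating only `com.android.vending` as trusted is an assumption.

```python
import re

# Assumption: only Google Play counts as a trusted installer, matching the
# advice above. Extend this set for managed-device or OEM stores.
TRUSTED_INSTALLERS = {"com.android.vending"}

# One line of `pm list packages -i`: package:<name>  installer=<name|null>
LINE_RE = re.compile(r"^package:(?P<pkg>\S+)\s+installer=(?P<installer>\S+)$")


def parse_pm_list(output):
    """Return (rows, skipped): rows are (package, installer-or-None) pairs,
    skipped holds lines that did not match the expected format."""
    rows, skipped = [], []
    for raw in output.splitlines():
        line = raw.strip()
        if not line:
            continue
        match = LINE_RE.match(line)
        if not match:
            skipped.append(line)  # keep for review instead of dropping silently
            continue
        installer = match.group("installer")
        rows.append((match.group("pkg"), None if installer == "null" else installer))
    return rows, skipped


def sideloaded(rows, trusted=TRUSTED_INSTALLERS):
    """Packages with no recorded installer or one outside the trusted set."""
    return sorted(pkg for pkg, installer in rows if installer not in trusted)


# Constructed sample of `adb shell pm list packages -3 -i` output.
SAMPLE = """\
package:com.example.notes  installer=com.android.vending
package:com.example.videopro  installer=null
package:com.example.chat  installer=com.android.vending
package:com.example.filetool  installer=com.google.android.packageinstaller
garbage line
"""

if __name__ == "__main__":
    rows, skipped = parse_pm_list(SAMPLE)
    for pkg in sideloaded(rows):
        print("not installed from Google Play:", pkg)
    for line in skipped:
        print("unparsed line:", line)
```

A flagged package is not necessarily malicious; it marks an app that arrived outside the store and deserves a closer look.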