Attackers target users with malicious ads via TikTok

TikTok makes people do all sorts of crazy things like eat frozen honey, practice choreography, and even use malvertising campaigns to target users.

According to a new report published by Malwarebytes Labs, a new type of attack using TikTok has now emerged, in which the malware is disguised by attackers as free or cracked versions of games such as Among US and then targeted Gamers on the platform attack.

The gaming-themed accounts we see on TikTok often make the same publicity as you see on other platforms, the report said. Advertise that this is a free game, everything is free, no strings attached.

For example, a platform account provides a free game – “Hackers Among Us”, in which it allows users to play a simulated hacker. Also, you can choose normal mode or legendary mode, which will also change your attack countdown to 0 seconds and your destruction cooldown to 0.

Unexpectedly, the link provides malicious software.

Using TikTok to target young gamers

In their report, the researchers noted that there is little new in these types of attacks. However, if you use a video, it will make users feel more intimate, more engaging, and more targeted. Considering that games like “Among US” are mainly played for teenagers, the emerging TikTok software is likely to be a powerful tool for threat actors to launch attacks on children.

The researchers believe that these are attack techniques that are often used on other platforms, and the use of TikTok videos increases the credibility of these malicious links, which seem convincing to users who are not security-conscious, which is exactly what scams are. what the user wants.

Security personnel commented that having some real users tell you something that sounds real in a short video clip can improve the success of the attack. It all feels very casual, which is exactly the kind of atmosphere criminals want to create in their scams.

Attackers target Among Us and Steam platforms

In previous attacks, “Among US” and Steam have both been targeted. During the period when a large area was blocked in October 2020, the number of players of “Among US” began to rise sharply, which resulted in a swarm of hackers. In order to meet the large demand, the game developers expanded the server’s capacity. volume, which opens up new opportunities for malicious attackers.

Steam also had the same problem. In August, the platform’s Spart2Pay API was used to add unlimited funds to players’ wallets. In September, a Trojan program called BloodyStealer circulated in underground forums, mainly used to steal player account information on Steam, Epic Games Store and EA Origin.

Cyber ​​attacks against the gaming industry and gamers don’t seem to show any signs of slowing down. In 2020, web application attacks against the gaming industry surged by 340 percent, researchers said in a June report.

Game accounts are extremely valuable, even if you don’t have any actual assets, but you also have virtual gear, in-game currency that you often buy with real money, loot boxes, and more. Attackers usually promise that everything is free, but it seems to be deceiving. For younger users, these types of scams need to be avoided by these junior players under the guidance of their parents.

As before, there are some quick and easy safe ways for adults to help kids prevent attacks, the researchers said. Such as updating Windows, while making sure security tools are running properly, and using browser plug-ins in a timely manner to block known rogue ad domains. Although these methods are not very helpful in solving this problem, young gamers are very receptive.

The Links:   SKKD 46/12 LMG6911RPBC