The WASP stealer, which is high in probability with critical damage potential, is a persistent malware hosted its developer claims are undetectable.
The Nigerian Communications Commission has cautioned Nigerians on the risk of taking part in a new TikTok trend called Invisible Challenge, saying it could expose devices to malware.
The challenge exposes devices to information-stealing malware, the NCC’s Computer Security Incident Response Team said in a statement signed by spokesperson Reuben Muoka.
The advisory said threat actors were using the challenge to disseminate an information-stealing malware known as the WASP (or W4SP) stealer.
The WASP stealer, which is high in probability with critical damage potential, is a persistent malware hosted its developer claims are undetectable.
“The Invisible Challenge involves wrapping a somewhat transparent body contouring filter around a presumed naked individual. Attackers are uploading videos to TikTok with a link to software that they claim can reverse the filter’s effects,” it said.
“Those who click on the link and attempt to download the software, known as “unfiltered,” are infected with the WASP stealer. Suspended accounts had amassed over a million views after initially posting the videos with a link,” the commission said.
The NCC said some ways to prevent such attacks are avoiding clicking on suspicious links and using anti-malware software on your devices.
Also, checking the app tray and removing any apps that a user does not remember installing or that are dormant and embracing healthy password hygiene practices such as using a password manager will help.
The CSIRT is the telecom sector’s cyber security incidence centre set up by the NCC to focus on incidents in the telecom sector and as they may affect telecom consumers and citizens at large.