The hackers managed to target dozens of well-known users by sending them emails, threat researchers working at AbnormalSecurity revealed. According to the campaign, this was one of the earliest considerable attacks on the influencers of TikTok.
The researchers working at the email security provider detected that the cybercriminals sent emails to the targeted accounts, which requested the users to verify their log-in information.
It was detected on the respective dates: 2nd October and 1st November, that the emails were sent to the personals globally. The firm reported on Tuesday, that the criminals targeted influencers of all regions. The threat intelligence analyst, Rachelle Chouinard confirmed the news while writing in a report.
The attackers cleverly targeted the users by faking that they were among the team of the short- video-making app. The email sent said that the user has violated the app’s copyright and to verify themselves, they are required to reply to the email. The email further threatened users that if they failed to do so, it would take them 48 hours to take action against them.
Another email was sent that not only claimed that it was sent by the app’s officials, but also informed the targeted users that their accounts were eligible for a ‘verified badge.’ The hackers urged the end-users to reply to their emails for getting their accounts verified.
The campaign targeted a wide range of audiences from all over the globe that included models, actors, magicians, and even content creators. Chouinard further informed that the hackers sent several emails to the wrong company of the alike name of the same country. The research firm noted that the majority of the email addressed were directly picked from social media.
After the users responded to the email, it was followed by a response containing a precise link that was titled “ Confirm My account.” After users pressed the link, it directed them to a chat conversation on WhatsApp.
Chouinard said that we decided to apply their tactics on them, and while we were directed to a WhatsApp chat, we were requested to verify the phone number and the email associated with our targeted TikTok accounts. Following this, we were asked to send a six-digit code that was sent to our numbers, to confirm our ownership of the account. After that the hackers got to know that our followers were below average, so the conversation came to an end, she said. Chouinard said that the company tried reaching an influencer with a large fan base, to allow them to use their account for the experiment, but they failed.
According to the information, as a result of the campaign, most of the users resulted in their accounts got deleted or taken over, which also included their data being stolen.
Photo: Jaap Arriens/NurPhoto via Getty Images
Read next: The Best Antivirus Software For MacOS And Android Devices, Both For Home And Business Users
The researchers working at the email security provider detected that the cybercriminals sent emails to the targeted accounts, which requested the users to verify their log-in information.
It was detected on the respective dates: 2nd October and 1st November, that the emails were sent to the personals globally. The firm reported on Tuesday, that the criminals targeted influencers of all regions. The threat intelligence analyst, Rachelle Chouinard confirmed the news while writing in a report.
The attackers cleverly targeted the users by faking that they were among the team of the short- video-making app. The email sent said that the user has violated the app’s copyright and to verify themselves, they are required to reply to the email. The email further threatened users that if they failed to do so, it would take them 48 hours to take action against them.
Another email was sent that not only claimed that it was sent by the app’s officials, but also informed the targeted users that their accounts were eligible for a ‘verified badge.’ The hackers urged the end-users to reply to their emails for getting their accounts verified.
The campaign targeted a wide range of audiences from all over the globe that included models, actors, magicians, and even content creators. Chouinard further informed that the hackers sent several emails to the wrong company of the alike name of the same country. The research firm noted that the majority of the email addressed were directly picked from social media.
After the users responded to the email, it was followed by a response containing a precise link that was titled “ Confirm My account.” After users pressed the link, it directed them to a chat conversation on WhatsApp.
Chouinard said that we decided to apply their tactics on them, and while we were directed to a WhatsApp chat, we were requested to verify the phone number and the email associated with our targeted TikTok accounts. Following this, we were asked to send a six-digit code that was sent to our numbers, to confirm our ownership of the account. After that the hackers got to know that our followers were below average, so the conversation came to an end, she said. Chouinard said that the company tried reaching an influencer with a large fan base, to allow them to use their account for the experiment, but they failed.
According to the information, as a result of the campaign, most of the users resulted in their accounts got deleted or taken over, which also included their data being stolen.
Photo: Jaap Arriens/NurPhoto via Getty Images
Read next: The Best Antivirus Software For MacOS And Android Devices, Both For Home And Business Users