Scam Apps Circulating on ‘TikTok’ Made $500,000 From 2.4 Million Users

  • Actors are promoting adware apps through TikTok, tricking, and convincing the younger audience.
  • The apps all have bad reviews, but clicking directly on the posted URLs skips the checking stage.
  • The adware network was reported by a 12-year-old girl, stopping the profits at half a million USD.

An increasing number of reports coming from ‘TikTok’ users talk about the coordinated effort of some profiles to distribute scamming applications on the platform. The adware apps are promoted by at least three profiles that have hundreds of thousands of followers each, and they have managed to convince about 2.4 million users to install them.

The fraudulent ads served by these apps is estimated to have made a profit of $500,000 for the crooks – and this is actually according to the most conservative estimations.

The victims come from both the Android and the iOS userspace, and besides TikTok, Avast researchers have found a link with Instagram accounts as well. As for the target audience, that would be mainly young users. This is why the fake apps are mostly games, wallpaper fetchers, music downloaders, etc.

To evade detection and trick the users, the adware apps have built-in timers to delay the deliverance of the advertisements. In some cases, the apps openly promote service subscriptions in the range of $2 to $10, which is low enough to make it possible for young users to enroll. In all of these cases, no services are ever offered or are totally sub-par.

Related: The “TikTok Pro” App Is Essentially Spyware Under Disguise

The user who reported the app leading Avast to investigate the particular network was a 12-year old girl in the Czech Republic. She suspected that something was off when she saw the app being aggressively promoted on TikTok. Educating your children about online safety is critical, and in this case, it has saved many more users from losing their money to scammers.

The adware apps, which all have very low user ratings on the app stores, are the following:

  • Shock My Friends – Satuna (AppStore)
  • 666 Time (AppStore)
  • ThemeZone – Live Wallpapers (AppStore)
  • Shock my Friend Tap Roulette v (AppStore)
  • Ultimate Music Downloader – Free Download Music (Google Play)
  • Tap Roulette ++Shock my Friend (Google Play)
  • ThemeZone – Shawky App Free – Shock My Friends (Google Play)

Source: Bleeping Computer

Ben Pick, the Senior Application Security Consultant at nVisium, has provided us with the following comment on the above story:

Using TikTok profiles for promoting scam apps is only the latest vector of abusing popular channels to capture profit from unsuspecting supporters. The best method to not be susceptible is to verify the app being downloaded and not click a link directly from a user’s profile. Check for excessive permissions and numerous bad reviews to prevent downloading similar scam or outright malicious apps. Unfortunately, this issue will not be going away as there is nothing stopping anyone from advertising their own interests or paid apps. 



How to Unlock Your iPhone 13 Without Passcode or Face ID

As you're surely aware by now, your iPhone 13 comes with solid authentication measures. So, if you use a passcode or Face...

The Dutch Government Wants to Outlaw Ransomware Payments

The Dutch government is exploring ways to reduce ransom payments to ransomware groups.One idea is to just outlaw these payments and render...

“Water Basilisk” Campaign Exploiting File Hosting Services to Deliver Multiple RAT Payloads

A new campaign delivering a multitude of RATs on the victim relies on file-less techniques and online service abuse.Named “Water Basilisk”, the...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari