Security

Scam Apps Circulating on ‘TikTok’ Made $500,000 From 2.4 Million Users

Written by Bill Toulas
Last updated June 23, 2021

An increasing number of reports coming from ‘TikTok’ users talk about the coordinated effort of some profiles to distribute scamming applications on the platform. The adware apps are promoted by at least three profiles that have hundreds of thousands of followers each, and they have managed to convince about 2.4 million users to install them.

The fraudulent ads served by these apps is estimated to have made a profit of $500,000 for the crooks - and this is actually according to the most conservative estimations.

The victims come from both the Android and the iOS userspace, and besides TikTok, Avast researchers have found a link with Instagram accounts as well. As for the target audience, that would be mainly young users. This is why the fake apps are mostly games, wallpaper fetchers, music downloaders, etc.

To evade detection and trick the users, the adware apps have built-in timers to delay the deliverance of the advertisements. In some cases, the apps openly promote service subscriptions in the range of $2 to $10, which is low enough to make it possible for young users to enroll. In all of these cases, no services are ever offered or are totally sub-par.

Related: The “TikTok Pro” App Is Essentially Spyware Under Disguise

The user who reported the app leading Avast to investigate the particular network was a 12-year old girl in the Czech Republic. She suspected that something was off when she saw the app being aggressively promoted on TikTok. Educating your children about online safety is critical, and in this case, it has saved many more users from losing their money to scammers.

The adware apps, which all have very low user ratings on the app stores, are the following:

TikTokpromScamApps

Source: Bleeping Computer

Ben Pick, the Senior Application Security Consultant at nVisium, has provided us with the following comment on the above story:

Using TikTok profiles for promoting scam apps is only the latest vector of abusing popular channels to capture profit from unsuspecting supporters. The best method to not be susceptible is to verify the app being downloaded and not click a link directly from a user’s profile. Check for excessive permissions and numerous bad reviews to prevent downloading similar scam or outright malicious apps. Unfortunately, this issue will not be going away as there is nothing stopping anyone from advertising their own interests or paid apps. 


For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: