SUMMARY
The app asks for permission to access photos and gallery
Fraudsters have also created several fake versions of government’s Aarogya Setu app
Delhi cyber cell had also issued a list of 13 dangerous websites providing Covid-19 data
In a bid to leverage the ban on short video app TikTok, fraudsters have now taken to WhatsApp and other messaging services to promote links to a fake TikTok Pro. The Maharashtra cyber cell has warned internet users to not click on any such link as it can potentially steal user data.
The message, which was first spotted by the Times of India, claimed that the China-based TikTok app has been relaunched in India as TikTok Pro. “Enjoy TikTok video and create creative videos once again. Now TikTok is only available in [TikTok Pro] So Download from below,” the message read.
The message also hosts an APK file to download TikTok. Once clicked, the user will be able to download an app that has TikTok’s icon. The app will reportedly ask for users’ permission to access the camera, gallery and other functions of the smartphone. However, despite all permission, the applications will not function.
Notably, the ‘TikTok Pro’ app is not available in Google Play Store. A Maharashtra cyber cell office, who chooses to be anonymous, told PTI that the fraudsters aim to trap people who want to download the video-sharing application. These links contain malware that is targeted to steal user data, users ID of other platforms and more.
The ban of short video apps like TikTok, Vigo and Likee over their Chinese origin has left a void in the India hypershort content domain, but several Indian players have been aggressively working towards filling the gap with their offerings. This includes Chingari, Mitron, ShareChat’s Moj, along with several other players set to launch in the near future.
Before Chinese apps ban, fraudsters were using the Covid-19 pandemic into luring customers to share their data. In March, DCP of Delhi Police’s cybercrime department released a list of 13 potentially “dangerous” websites exploiting the interest and panic around coronavirus. These included coronavirusstatus[.]space, coronavirus-map[.]com and blogcoronacl.canalcero[.]digital, among others.
Following domains are listed as potentially dangerous domains, please don’t open them:-
coronavirusstatus[.]space
coronavirus-map[.]com
blogcoronacl.canalcero[.]digital
coronavirus[.]zone
coronavirus-realtime[.]com
coronavirus[.]app
bgvfr.coronavirusaware[.]xyz
(1/2)#StaySafe— DCP Cybercrime (@DCP_CCC_Delhi) March 25, 2020
Scammers had also created several fake versions of the government’s contact-trace app Aarogya Setu to steal users’ data. Cybersecurity firm SonicWall Labs Threats found that malicious fakes of the Aarogya Setu app which were spyware in disguise.
The firm highlighted that even uninstalling the app through the regular methods only removes the app in the front, whereas the spyware would still be present on the device. These apps were capable of making phone calls to premium numbers, recording phone calls, sending SMSes, taking photographs and also recording videos.
