Analysis of TikTok Scam

Unmasking the TikTok Scam

Introduction:

After the Indian Government banned TikTok, scammers are using the ban as an opportunity to distribute malware named TikTok Pro. Many users reported an SMS coming from their friends or other contacts asking them to download the app. Recently, Telangana Police & Maharashtra Cyber Cell tweeted about this incident. This blog will be my technical analysis of the malware sample spreading via SMS.

Figure: Maharashtra Cyber Cell Advisory

Technical Analysis:

Main Activity:

Once the app is downloaded and executed, it starts MainActivity, sleeps for 2000s, and then calls the login class to show a login form that looks similar to the official TikTok app's.

Figure: Main Activity

Login.Class:

After the login class is called, the app checks for all the required permissions. If the check passes, it displays a login form which accepts any username or password with a length greater than 3 and shows a fake message "Checking Username and Password... " wh