Showing posts from August, 2020

Analysis of TikTok Scam

Unmasking the TikTok Scam

Introduction:

After the ban of TikTok by the Indian Government, scammers are using this as an opportunity to distribute malware named TikTok Pro. Many users reported an SMS coming from their friends or other contacts asking them to download the app. Recently, Telangana Police & Maharashtra Cyber Cell tweeted about this incident. This blog will be my technical analysis of the malware sample spreading via SMS.

Figure: Maharashtra Cyber Cell Advisory

Technical Analysis:

Main Activity:

Once the app is downloaded & executed, it starts the MainActivity, sleeps for 2000s, and then calls the login class to show a login form which looks similar to the official TikTok app.

Figure: Main Activity

Login.Class:

After calling the login class, the app checks for all the required permissions. If the check is passed, it displays a login form which accepts any username or password having length greater than 3 and shows a fake message "Checking Username and Password... "  wh