Nude TikTok trend exploited by hackers in new data-theft scam

A new scam is targeting TikTokers following the new “invisible body” trend whereby users film themselves naked with a filter which completely blurs their bodies.

Scammers are now capitalising on the nude trend by offering a fake app that claims to have the ability to remove the blur - but what it really does is quite different.

Instead of seeing naked bodies, users will be downloading malware capable of obtaining passwords and credit cards stored within the user’s browser, files from their computer, cryptocurrency wallets and Discord accounts, a report by security firm Checkmarx said.

Watch the latest News on Channel 7 or stream for free on 7plus >>

It reports that two TikTok users, who have since been removed from the platform, posted videos, with more than 1 million views combined, promoting a software app able to “remove filter invisible body“ with a link to download it.

But the link leads users to a Discord server, where non-related NSFW videos uploaded by the scammer further trick the user into downloading the WASP stealer (Discord token grabber) software.

The server, which has since been removed, had about 32,000 members, the report said.

The hashtag #invisiblefilter currently has 27.3 million views. The short and viral nature of TikTok videos make them an ideal platform for quickly and efficiently promoting products, including malicious software.

The security firm believes the scam is a sign of what is to come in the new year for cyber threats.

“These attacks demonstrate again that cyberattackers have started to focus their attention on the open-source package ecosystem; We believe this trend will only accelerate in 2023,” Checkmarx said.

7NEWS.com.au has contacted the Australian Cyber Security Centre for comment.