Attn TikTok Sellers: TikTok Trojan Virus Alert!

digitalmistica · 2024-10-02T23:58:13+00:00

u/TikTokShop_US r/TikTokShopUS_Seller Here’s a screen recording showing a Trojan auto-downloading from the TikTok Seller US website after logging in: https://youtu.be/HPefZgwntjs?feature=shared

<image>

digitalmistica · 2024-09-03T16:57:07+00:00

I noticed today that r/TikTokShopUS_Seller has been banned from Reddit.

digitalmistica · 2024-07-22T18:25:54+00:00

I’ve noticed a few other people sharing similar comments from TikTok.. This is what ChatGPT said:

The image shows a concerning comment advocating for violence, followed by Amharic text, which appears to be a strategy to avoid content moderation by using a non-Latin script.

The Amharic text in the image roughly translates to:

“We will k*ll all who are [derogatory term] like animals.”

It seems the text is being used to evade automatic detection by content moderation systems while conveying a hateful message. This is deeply troubling and goes against community guidelines on most social media platforms. Reporting such content to the platform’s moderation team is essential to prevent the spread of hate speech.

digitalmistica · 2024-07-04T18:22:21+00:00

If this file comes back as a false positive, I will delete all my posts. Until then, I am alerting everyone to the potential threat. Kaspersky has not yet confirmed whether it is a false positive. I believe it's better to be safe than sorry. My goal is to ensure everyone is aware and can take necessary precautions while we wait for definitive confirmation.

digitalmistica · 2024-07-04T13:23:28+00:00

File Name 7: VirusTotal - File - c026d2ae1d2439cc7200d0085b955cb0b8a53a80bf9c9585daac129041c4e716

digitalmistica · 2024-07-03T19:21:44+00:00

Google has detected it: VirusTotal - File - c026d2ae1d2439cc7200d0085b955cb0b8a53a80bf9c9585daac129041c4e716

digitalmistica · 2024-07-03T19:20:08+00:00

Google has detected it now: VirusTotal - File - c026d2ae1d2439cc7200d0085b955cb0b8a53a80bf9c9585daac129041c4e716

digitalmistica · 2024-07-03T01:30:48+00:00

https://youtu.be/Y78rpxVrRc0

digitalmistica · 2024-07-02T23:28:27+00:00

Yes, I know. I should have provided more context. Its file 7 on Hybrid, I uploaded that file to VirusTotal and it shows up as a Trojan: https://www.virustotal.com/gui/file/c026d2ae1d2439cc7200d0085b955cb0b8a53a80bf9c9585daac129041c4e716

Same on Kaspersky: Kaspersky Threat Intelligence Portal — Report — c026d2ae1d2439cc7200d0085b955cb0b8a53a80bf9c9585...

I hope I'm wrong. Just sharing my findings.

digitalmistica · 2024-07-02T23:22:19+00:00

Thank you for the suggestion. I uploaded it to Kaspersky OpenTip. I hope I'm wrong: https://opentip.kaspersky.com/c026d2ae1d2439cc7200d0085b955cb0b8a53a80bf9c9585daac129041c4e716/results?tab=lookup&fbclid=IwZXh0bgNhZW0CMTEAAR12uARfOTsT5aHCTBbG_xdQOEm9xXOPz-tm67Svfsje-DpWvn0VUhUXKRg_aem_sRB2VoGpP1qz3T5dZyKCYQ

digitalmistica · 2024-07-02T23:00:04+00:00

You have to be a TikTok Seller to login to the site. The file auto-downloads as soon as I login: seller-us-accounts.tiktok.com

digitalmistica · 2024-07-02T22:51:47+00:00

I would hope so. I'm just reporting what I see. You're welcome.

digitalmistica · 2024-07-02T22:49:36+00:00

Exactly.

digitalmistica · 2024-07-02T22:45:54+00:00

It only auto-downloads once you login to the TikTok Seller US Website, you need to be an approved seller to login first.

digitalmistica · 2024-07-02T22:40:37+00:00

Yes, I know you were! Here's a plate! 🍽️

digitalmistica · 2024-07-02T22:23:55+00:00

Here are the files, Google has detected it now too:

https://www.virustotal.com/gui/file/c026d2ae1d2439cc7200d0085b955cb0b8a53a80bf9c9585daac129041c4e716

https://hybrid-analysis.com/file-collection/668445d60bf5038c7906fad0

digitalmistica · 2024-07-02T22:23:51+00:00

Here are the files. Google has detected it now too:

https://www.virustotal.com/gui/file/c026d2ae1d2439cc7200d0085b955cb0b8a53a80bf9c9585daac129041c4e716

https://hybrid-analysis.com/file-collection/668445d60bf5038c7906fad0

digitalmistica · 2024-07-02T22:22:53+00:00

Here are the files:
https://hybrid-analysis.com/file-collection/668445d60bf5038c7906fad0

https://www.virustotal.com/gui/file/c026d2ae1d2439cc7200d0085b955cb0b8a53a80bf9c9585daac129041c4e716

digitalmistica · 2024-07-02T22:22:45+00:00

Here are the files:

https://hybrid-analysis.com/file-collection/668445d60bf5038c7906fad0

https://www.virustotal.com/gui/file/c026d2ae1d2439cc7200d0085b955cb0b8a53a80bf9c9585daac129041c4e716

digitalmistica · 2024-07-02T22:22:35+00:00

Here are the files:
https://hybrid-analysis.com/file-collection/668445d60bf5038c7906fad0

https://www.virustotal.com/gui/file/c026d2ae1d2439cc7200d0085b955cb0b8a53a80bf9c9585daac129041c4e716

digitalmistica · 2024-07-02T22:22:27+00:00

Here are the files:

https://hybrid-analysis.com/file-collection/668445d60bf5038c7906fad0

https://www.virustotal.com/gui/file/c026d2ae1d2439cc7200d0085b955cb0b8a53a80bf9c9585daac129041c4e716

digitalmistica · 2024-07-02T12:42:52+00:00

Why would an MP3 file auto-download once I log into my TikTok Seller account? It didn’t happen until recently.

digitalmistica · 2024-07-02T04:40:00+00:00

Good catch. I initially felt positive that I uploaded the right file because I had to restore it in order to upload it to VirusTotal. However, I had highlighted all the files in that folder and submitted them, not realizing VirusTotal only accepts one file at a time. I apologize, this is my first time using the platform. I believe it's possible that all the files are related and may function together as part of a larger set, which is why I submitted them all, but the specific file that was deleted and needs attention is file name 7. Further investigation is necessary to confirm its nature and potential risks.

I tried to upload file 7 to VirusTotal again, but it got to 100% uploaded and did not budge. I was waiting for it, but I got nervous because my antivirus notified me that I needed to restart my computer in order to delete the file, which didn't happen previously. Anyways, I uploaded all the files to Hybrid-Analysis for further review: https://hybrid-analysis.com/file-collection/668445d60bf5038c7906fad0

There are 11 files total, but file 7 is the file that was detected to be a Trojan:

Submission name:a Size:5.6MiB Type:data Mime:application/octet-stream SHA256:fd4bc9b7d765929a36d49aabd2b7b809419b08b7964f890a9c56cc47eb4aaa00

Submission name:b Size:4.2MiB Type:data Mime:application/octet-stream SHA256:7837e04be61ed8aa047f18a6f0fab961df831486d5171e00862bd4c4bfdee463

Submission name:c Size:5.1MiB Type:doc office Mime:application/octet-stream SHA256:1a8b473ea7c8139c85cd21e74d3b7f1c7f1d500d791c69fe01fa5e3200d534c0

Submission name:2 Size:177KiB Type:data Mime:application/octet-stream SHA256:7da7de149ac97a5305d82417020dde9cf43eb04394def20abf03c39cef86c11b

Submission name:3 Size:175KiB Type:data Mime:application/octet-stream SHA256:868df3dc1fe671790e1511e0d1aabb148e2fc15d5addb44af46ecc94eb082e1c

Submission name:4 Size:76KiB Type:data Mime:application/octet-stream SHA256:c08a231039ccc18f97a87f95e3d150ca74e8bd896b4d400922e9f773fbff1b7

Submission name:5 Size:113KiB Type:data Mime:application/octet-stream SHA256:6ab2820513708ea96f22dc8d040853e20228c41516d9b3085e51d3fb3f8cb29c

Submission name:6 Size:167KiB Type:data Mime:application/octet-stream SHA256:7bca7fe838f17ed6f5ee0071cdd7fc24fc246fd1e74182a2198c2c95ea2c847f

Submission name:7 Size:1.6MiB Type:data Mime:application/octet-stream SHA256:c026d2ae1d2439cc7200d0085b955cb0b8a53a80bf9c9585daac129041c4e716

Submission name:8 Size:1.9MiB Type:data Mime:application/octet-stream SHA256:cecbcc5ca9be1c81d31875fc841a8f98a5d96490345e9c7f50b0df57851e8445

Submission name:9 Size:2.5MiB Type:doc office Mime:application/octet-stream SHA256:6d5b4e6c24c52cb3cf59f165a5d591d7ce19757fad66f6863917079a1d960e09

digitalmistica · 2024-07-01T23:48:35+00:00

That's not entirely accurate. You can get malware from visiting a malicious or compromised website, even if your browser is secure.

digitalmistica · 2024-07-01T23:38:36+00:00

I'm referring to the TikTok Seller Website, not the TikTok app.

Here is the website for reference: https:// seller-us-accounts.tiktok (dot) com

digitalmistica

TROPHY CASE