Tiktok Pro

Tiktok Pro is spyware that has been masquerading as the TikTok application.[1]

ID: S0558
Platforms: Android
Version: 1.0
Created: 05 January 2021
Last Modified: 19 April 2021

Techniques Used

Domain ID Name Use
Mobile T1433 Access Call Log

Tiktok Pro can collect the device’s call logs.[1]

Mobile T1432 Access Contact List

Tiktok Pro can access the device's contact list.[1]

Mobile T1418 Application Discovery

Tiktok Pro can obtain a list of installed applications.[1]

Mobile T1402 Broadcast Receivers

Tiktok Pro has registered for device boot, incoming, and outgoing calls broadcast intents.[1]

Mobile T1429 Capture Audio

Tiktok Pro can capture audio from the device’s microphone and can record phone calls.[1]

Mobile T1512 Capture Camera

Tiktok Pro can capture photos and videos from the device’s camera.[1]

Mobile T1412 Capture SMS Messages

Tiktok Pro can collect SMS messages from the device.[1]

Mobile T1605 Command-Line Interface

Tiktok Pro can execute commands .[1]

Mobile T1533 Data from Local System

Tiktok Pro can collect device photos and credentials from other applications.[1]

Mobile T1447 Delete Device Data

Tiktok Pro can delete attacker-specified files.[1]

Mobile T1476 Deliver Malicious App via Other Means

Tiktok Pro has been distributed via direct download on 3rd party websites, with the link sent in phishing SMS messsages.[1]

Mobile T1420 File and Directory Discovery

Tiktok Pro can list all hidden files in the /DCIM/.dat/ directory.[1]

Mobile T1541 Foreground Persistence

Tiktok Pro has shown a persistent notification to maintain access to device sensors.[1]

Mobile T1411 Input Prompt

Tiktok Pro can launch a fake Facebook login page.[1]

Mobile T1430 Location Tracking

Tiktok Pro can track the device’s location.[1]

Mobile T1444 Masquerade as Legitimate Application

Tiktok Pro has masqueraded as TikTok.[1]

Mobile T1603 Scheduled Task/Job

Tiktok Pro has contained an alarm that triggers every three minutes and timers for communicating with the C2.[1]

Mobile T1513 Screen Capture

Tiktok Pro can take screenshots.[1]

Mobile T1582 SMS Control

Tiktok Pro can send SMS messages.[1]

Mobile T1508 Suppress Application Icon

Tiktok Pro can hide its icon after launch.[1]

Mobile T1426 System Information Discovery

Tiktok Pro can check the device’s battery status.[1]