TikTok Users Earned $500,000 Pushing Scam Apps - Until a 12-Year-Old Reported Them

An anonymous reader quotes CPO magazine:

An Avast report found that several popular TikTok profiles profited by pushing scam apps to underage children. At least three TikTok accounts with over 350,000 followers were implicated. The campaign involved at least seven scam apps distributed on both Google Play Store and Apple App Store. Users had downloaded the rogue apps more than 2.4 million times, earning the fraudsters more than $500,000.

A 12-year old girl from the Czech Republic discovered a suspicious behavior on a popular app trending on TikTok and reported it to Avast. The child was a participant in the Avast’s “Be Safe Online” cybersecurity initiative that teaches the youth how to identify cyber threats. Researchers at the cybersecurity firm investigated and found at least three TikTok profiles aggressively advertising scam apps to underage children. One of the TikTok profiles had more than 300,000 followers, while an Instagram account had more than 5,000 fans. Following the discovery, Avast researchers reported the scam apps to Google, Apple, Instagram, and TikTok…

Avast reported that most of the scam apps promoted by the popular TikTok profiles were HiddenAd trojans. Such apps are disguised as useful software but served intrusive ads outside the app. They also hid app icons to prevent users from finding out the ads’ source or uninstalling them.