Over 130K users’ browser data siphoned by illicit TikTok downloader extensions

HackRead reports that over a dozen malicious TikTok downloader extensions have allowed the clandestine compromise of more than 130,000 users' Google Chrome- and Microsoft Edge-stored data as part of the StealTok campaign, which has been underway for more than a year.

Multiple legitimate services have been used by threat actors to establish the legitimacy of the TikTok downloaders and expand their user base, with attackers waiting for six to 12 months before injecting information-stealing code into many of the identified apps, according to findings from LayerX Security. Aside from monitoring video interests and usage patterns, the trojanized apps most of which are still downloadable also gather language settings, timezone details, device battery status, and other "high-entropy data."

With the apps still having nearly 12,500 active users, individuals have been urged to immediately double-check their browsers' add-ons list and remove any of the offending tools, as well as replace credentials for banking and email accounts.