SafeMode - Analysis: www.borderclick.com

Captura Visual

Información de Detección

https://www.borderclick.com/BC/media/Borderclick/tiktok-mok_1.html

Detected Brand

TikTok

Country

International

Confianza

100%

HTTP Status

200

Report ID

86cf969b-a01…

Analyzed

2026-03-17 04:59

Hashes de Contenido (Similitud HTML)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T184D196B15045D836A0E381EDE8B0136E7580020ED75386C6F7FA03AEDBCADA4DF65295
CONTENT ssdeep	192:4acPGqYlfHcghYPsOl/sOQVcsOq444ptLuwoNe:s4x8LEOl0OQVzOq444v

Hashes Visuales (Similitud de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	9bc859a5bb2ac90d
VISUAL aHash	5c3c383d3f26060c
VISUAL dHash	d1f1f359724e5438
VISUAL wHash	3e3c383d3f3e040e
VISUAL colorHash	38000000602
VISUAL cropResistant	c4c76331b85c2ef6,b23375434374a3e2,9391c8c466b1188e,4444588060706480,9be234997ab66c8b,08c63399e47a9d6e,d1f1f359724e5438,16cc59b264cc9a32

Análisis de Código

Risk Score 100/100

Nivel de Amenaza ALTO

⚠️ Phishing Confirmed

🎣 Credential Harvester 🎣 OTP Stealer 🎣 Personal Info

🔬 Threat Analysis Report

• Amenaza: Phishing
• Objetivo: Usuarios de TikTok
• Método: Generador de seguidores falso
• Exfil: Probablemente roba credenciales
• Indicadores: Promete seguidores, solicita nombre de usuario/correo electrónico
• Riesgo: Alto

🔒 Obfuscation Detected

atob
fromCharCode
unescape
base64_strings

📡 API Calls Detected

POST
https://www.google.com/ccm/geo

📊 Desglose de Puntuación de Riesgo

Total Risk Score

90/100

Contributing Factors

Active Phishing Kit

The site's primary function is to steal user data with a known phishing tactic.

JavaScript Obfuscation

Javascript obfuscation indicates the potential for malicious behavior.

🔬 Análisis Integral de Amenazas

Tipo de Amenaza

Two-Factor Authentication Stealer

Objetivo

TikTok users (International)

Método de Ataque

Brand impersonation + obfuscated JavaScript

Canal de Exfiltración

Form submission (backend endpoint not detected - likely JavaScript-based)

Evaluación de Riesgo

CRITICAL - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

Kit types: Credential Harvester, OTP Stealer, Personal Info
57 obfuscation techniques

🏢 Análisis de Suplantación de Marca

Impersonated Brand

TikTok

Official Website

https://www.tiktok.com

Fake Service

Followers Generator

Fraudulent Claims

⚔️ Metodología de Ataque

Primary Method: Credential Harvesting

The site tricks users into providing their TikTok username/email. This information could be used for account takeover attempts or to use the compromised accounts to send further phishing messages.