TikTok Videos Spread Info-Stealing Malware Using ClickFix Tactic

Cybercriminals are exploiting TikTok's popularity by using AI-generated videos that instruct users to run PowerShell commands under the guise of activating legitimate software or unlocking premium features for apps like Windows OS, Microsoft Office, CapCut, and Spotify. These commands download and install Vidar and StealC information-stealing malware, which can harvest sensitive data including credentials, credit cards, cryptocurrency wallets, and 2FA authenticator databases. The attack relies entirely on social engineering through video content without any malicious code on the platform, making traditional security solutions ineffective against it. Trend Micro researchers have identified multiple TikTok accounts involved and noted that some videos have reached nearly half a million views, illustrating the campaign's wide reach. TikTok has removed flagged malicious accounts but did not comment further, while experts urge organizations to train employees on social engineering and monitor unusual user behavior indicative of compromise. This campaign highlights the growing trend of threat actors weaponizing social media and AI to spread malware and compromise both individual and business systems.