The Latrodectus malware now uses the ClickFix technique to execute in memory and evade detection, and it is part of a broader threat landscape involving various malware campaigns. These attacks leverage social media platforms like TikTok and fake apps to trick users into executing malicious commands and to steal sensitive information. #Latrodectus #ClickFix #TikTokMalware #LedgerFraud
Key points
- Latrodectus malware employs ClickFix to run in memory, evading detection by browsers and security tools.
- Recent attacks involve tricking users into executing PowerShell commands via infected websites and TikTok videos.
- Threat actors use social media platforms, including TikTok, to socially engineer malware deployment, often targeting users looking to activate pirated software.
- Fake Ledger apps and macOS stealer malware are used to steal cryptocurrency seed phrases from Mac users.
- Operation Endgame successfully took down multiple malicious domains and servers associated with various malware families, including Latrodectus and QakBot.
Read More: https://thehackernews.com/2025/05/hackers-use-tiktok-videos-to-distribute.html