TikTok videos now push infostealer malware in ClickFix attacks

Cybercriminals are leveraging TikTok’s widespread reach and AI-generated videos to trick users into executing PowerShell commands that install Vidar and StealC malware, leading to credential, credit card, and cryptocurrency theft. This campaign highlights the use of automation and social engineering in broad-scale malware distribution, with state-sponsored groups also adopting similar tactics.

Key points

  • Cybercriminals use TikTok videos, likely AI-generated, to induce users to run malicious PowerShell commands.
  • The videos promote fake software activation steps for Windows, Microsoft Office, and popular apps like Spotify and CapCut.
  • Executing the commands downloads malware such as Vidar and StealC, which steal sensitive information from infected systems.
  • Attackers use automation to create similar videos with minor variations to maximize reach and effectiveness.
  • Both cybercriminals and state-sponsored groups have employed ClickFix tactics in malware campaigns across different operating systems.

Read More: https://www.bleepingcomputer.com/news/security/tiktok-videos-now-push-infostealer-malware-in-clickfix-attacks/