Cybercriminals are using AI-generated TikTok videos to trick users into running malware disguised as free software activations.
Wake up, babe — a new form of social engineering just dropped.
Cybercriminals on TikTok used videos to trick users into downloading malware, according to researchers from Trend Micro, a global cybersecurity firm. The researchers say this was a “novel social engineering campaign” designed to take advantage of TikTok users.
In the videos, which are most likely AI-generated, users were promised free versions of Windows and Microsoft Office software or access to premium features in apps like CapCut and Spotify. All you have to do, the cybercriminals said, is execute a simple PowerShell command. People followed the instructions in the TikTok videos because they were being disguised as software activation steps, which the bad actors then used to inject malware like Vidar and StealC into the users’ systems. And according to Bleeping Computer, many of the videos had hundreds of thousands of views.
PowerShell commands are short lines of code that execute tasks on your device, and you should be extremely skeptical of any commands or software links you find on TikTok.
“In this campaign, attackers are using TikTok videos to verbally instruct users into executing malicious commands on their own systems,” Trend Micro explained in a report on the attack. “The social engineering occurs within the video itself, rather than through detectable code or scripts. There is no malicious code present on the platform for security solutions to analyze or block. All actionable content is delivered visually and aurally. Threat actors do this to attempt to evade existing detection mechanisms, making it harder for defenders to detect and disrupt these campaigns.”
TikTok declined to comment on this particular threat, but the company confirmed to Mashable that the accounts associated with the campaign have been deactivated. TikTok users can also learn more about scams and phishing attempts at the TikTok Safety Center.
UPDATE: May. 23, 2025, 5:22 p.m. EDT We’ve updated this article to make it more clear that the videos used in this scam have been removed.
Related Posts
Technical Analysis: 4 Stocks with signs of death crossovers to keep an eye on
HDFC Bank & 3 other fundamentally strong stocks trading above 200 DMAÂ to keep an eye on
Falling Channel Breakout: Multibagger NBFC Stock Shows Bullish Momentum on Daily Chart
4 Fundamentally strong stocks to buy for an upside potential of up to 36%; Do you hold any?
