May 27, 2025, 12:00 AM

TikTok videos risk user security by promoting software activation scams

Highlights
  • Cybersecurity firm Trend Micro discovered TikTok videos that instruct viewers on activating software and premium features for free.
  • These videos are likely deepfakes and feature AI-generated voices, potentially created through automation for mass distribution.
  • Trend Micro warns users to be cautious of such unsolicited technical instructions as they can lead to malware infections and data theft.

Story

In recent weeks, TikTok users have faced an ongoing threat from videos that purport to help them activate paid software like Windows and Microsoft Office for free. These videos have been flagged as likely deepfakes, featuring AI-generated voices that provide instructions to execute specific commands in Windows. The content, which seems legitimate at first glance, is part of a broader campaign potentially created through automated processes. This trend was identified by cybersecurity firm Trend Micro and highlights the sophistication of current threats targeting social media platforms.

The videos often instruct users to open the Run dialog on Windows and execute a PowerShell command. Users are led to believe that this will let them bypass software purchase requirements or unlock premium features in various applications, including Spotify and CapCut. What the instructions actually do is download malicious scripts capable of installing the information-stealing malware Vidar and StealC onto unsuspecting users’ systems. Vidar can take screenshots, steal user credentials and credit card information, and even access cryptocurrency wallets, while StealC further extends the range of sensitive information that attackers can harvest.

Trend Micro has attributed the rise of these malicious TikTok videos to the platform's vast user base and its powerful algorithmic reach, which allow attackers to distribute their content widely without needing a strong infrastructure. The use of automation in creating these videos means they can easily target different demographics with tailored tactics, significantly increasing the scalability of such operations. Furthermore, because the deception is embedded in a video format that relies on visual and auditory instructions, traditional security solutions find it challenging to detect these threats, since there is no malicious code present on the platform itself.

In response, Trend Micro actively monitors and takes down reported scam accounts. The firm urges users to remain vigilant, scrutinize unsolicited technical instructions, and verify the legitimacy of the sources they encounter online. It emphasizes that if an offer seems too good to be true, it likely is, and urges users to report any suspicious content they come across on social media, messaging apps, or email to protect themselves and their sensitive information.
