Hackers are now exploiting the viral nature of TikTok videos to distribute Vidar and StealC malware, targeting unsuspecting users through deceptive tutorial content. According to Trend Micro researchers, threat actors are leveraging popular TikTok trends by posting faceless, AI-generated videos that mimic legitimate tech guides. These clips instruct viewers to run harmful PowerShell commands, posing as software activation hacks for tools like Windows OS, CapCut, Spotify, and Microsoft Office.
Unlike typical phishing tactics, these attackers rely entirely on video content to mislead users—no malicious links or code are hosted directly on TikTok. The content appears convincing and garners high engagement. One video alone amassed half a million views, 20,000 likes, and over 100 comments, demonstrating the potential reach of this campaign.
Several TikTok accounts involved have been flagged, including @gitallowed, @zane.houghton, @allaivo2, @sysglow.wow, @alexfixpc, and @digitaldreams771. Once users execute the suggested PowerShell command, the script silently creates hidden folders, modifies Windows Defender settings, and downloads the payloads—Vidar and StealC.
These infostealers are capable of extracting saved passwords, authentication cookies, and crypto wallet data. Once installed, they connect to command-and-control servers—some masked via Telegram channels and Steam profiles—to send back stolen data. Vidar, in particular, uses these Telegram channels and Steam profiles as Dead Drop Resolvers to obscure its infrastructure.
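For defenders, the behaviour chain described above (hidden folder, Windows Defender change, payload download) can be hunted for in PowerShell script block logs. The following is an added example, not code from the article or from Trend Micro; the cmdlet patterns, host names and sample records are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# The article names only the behaviours; the cmdlets matched here are assumed
# real-world equivalents, not commands taken from the campaign.
BEHAVIOURS = {
    "defender_change": re.compile(r"\b(Add|Set)-MpPreference\b", re.I),
    "hidden_folder": re.compile(r"\battrib(\.exe)?\s+\+h\b|\bAttributes\b.*\bHidden\b", re.I),
    "download": re.compile(
        r"\b(Invoke-WebRequest|Invoke-RestMethod|iwr|irm|Start-BitsTransfer)\b"
        r"|\.Download(File|String)\(", re.I),
}

# Constructed sample records: (host, script block id, logged fragment).
# Script block logging (event 4104) can split one script into several fragments.
SAMPLE_EVENTS = [
    ("WS-014", "blk-1", r"Add-MpPreference -ExclusionPath 'C:\Example'"),
    ("WS-014", "blk-1", r"$d = New-Item -ItemType Directory -Path 'C:\Example\cache'; $d.Attributes += 'Hidden'"),
    ("WS-014", "blk-1", r"Invoke-WebRequest -Uri 'https://files.example.invalid/a' -OutFile 'C:\Example\cache\a.bin'"),
    ("WS-022", "blk-7", r"Invoke-WebRequest -Uri 'https://intranet.example.invalid/report.csv' -OutFile report.csv"),
    ("WS-031", "blk-9", r"Get-MpPreference | Select-Object ExclusionPath"),
]

def behaviours_by_block(events):
    """Join the fragments of each script block, then record which behaviours it shows."""
    fragments = defaultdict(list)
    for host, block_id, text in events:
        fragments[(host, block_id)].append(text)
    return {
        key: {name for name, rx in BEHAVIOURS.items() if rx.search("\n".join(parts))}
        for key, parts in fragments.items()
    }

def flag_blocks(events, min_behaviours=3):
    """Return (host, block id) pairs showing at least min_behaviours distinct behaviours."""
    hits = behaviours_by_block(events)
    return sorted(key for key, found in hits.items() if len(found) >= min_behaviours)

if __name__ == "__main__":
    for host, block_id in flag_blocks(SAMPLE_EVENTS):
        print(f"{host} {block_id}: Defender change + hidden folder + download in one script")
```

Requiring all three behaviours in one script block keeps routine downloads and read-only Defender queries from alerting; lowering `min_behaviours` widens the hunt at the cost of more noise.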
By disguising malicious intent within helpful-looking tech tutorials, the campaign reflects a dangerous evolution in social engineering attacks. It underscores the urgent need for digital literacy and caution, especially regarding unsolicited tech advice on social platforms.
Cybersecurity experts urge users to remain skeptical of online videos offering software shortcuts, especially those that involve system-level commands like PowerShell. This emerging threat highlights how social media can be weaponized to bypass conventional security filters and compromise both individual and organizational data.
News Source: CyberSecurityNews.com