Cybercriminals Use TikTok Videos to Spread Malware

Cybercriminals are increasingly leveraging AI-generated videos on platforms like TikTok to disseminate infostealer malware. These deceptive videos often masquerade as tutorials or promotional content, featuring AI-generated personas that appear trustworthy and familiar to viewers. Once engaged, users are directed to download malicious software such as RedLine, Raccoon, and Vidar, which are designed to extract sensitive information including passwords, banking details, and cryptocurrency wallet data. This tactic exploits the widespread trust in social media content and the persuasive nature of AI-generated avatars to enhance the effectiveness of phishing schemes.(propelex.com, ThreatsHub, VPNOverview.com)

The proliferation of such malicious content has been significant, with cybersecurity firm CloudSEK reporting a 200–300% month-over-month increase in AI-generated videos containing links to infostealer malware since November 2022. Threat actors employ various strategies to evade detection, such as using SEO optimization, fake comments, and link obfuscation techniques. These methods not only help in bypassing platform moderation but also in reaching a broader audience. The sophistication of these attacks underscores the need for enhanced vigilance among users and the adoption of advanced threat detection mechanisms by platforms to mitigate the risks associated with AI-driven cyber threats.(propelex.com)

Source: https://www.databreachtoday.com/infostealer-attackers-deploy-ai-generated-videos-on-tiktok-a-28521