Hackers use TikTok to conceal malware, here’s how you can stay safe

That viral hack is a scam

You’ve probably seen those TikTok videos promising free access to expensive software like Photoshop or Windows. They show a simple code to paste, making it look like an easy win. What they don’t tell you is that you’re inviting a digital thief onto your computer.

Security researchers call this trick ClickFix and say it is an old social engineering idea that has resurfaced on short form video platforms like TikTok.

How the fake activation works

The videos often use slick editing and official-looking logos to appear legitimate. They claim to unlock premium versions of software or even non-existent upgrades for services like Netflix. The solution always involves opening a specific tool on your Windows computer called PowerShell.

You are told to copy and paste a short, seemingly harmless command into the box. This command secretly downloads and runs a malicious program from a server controlled by cybercriminals. You are essentially hacking your own computer for them without realizing it.

The dangerous code you run

That one line of code is deceptively simple and short. It uses two powerful PowerShell commands that work together to attack your system. The first part fetches a malicious script from a hidden website on the internet.

The second part executes the downloaded script right away, which can run commands and install software without further user prompts if it is run with elevated privileges.

What silently installs on your PC

The moment you execute the command, a hidden script springs into action. The attack often drops a seemingly harmless file with a benign looking name for persistence. That file may be an information stealer or another credential stealing family.

An information stealer will search for stored credentials and browser cookies and can run in the background. Many strains create persistent mechanisms such as scheduled tasks or run keys to restart after every log in which can make removal harder.

Your personal data gets stolen

So, what is this malware actually looking for? Aura Stealer targets all your saved passwords stored in web browsers like Chrome, Firefox, and Edge. It also grabs your browser cookies, which can be used to hijack your logged-in sessions on websites.

These stealers often look for browser stored passwords cookies and files associated with cryptocurrency wallets and other application credentials so attackers can reuse or monetize the data.

An extra dose of trouble arrives

Researchers have observed follow up payloads that include remote access tools for ongoing control and sometimes ransomware which can lock files and demand payment.

This secondary threat could be a remote access tool, giving hackers permanent control of your machine. Alternatively, it might be a ransomware program that locks your files and demands payment, turning a simple scam into a digital hostage situation.

Why TikTok is the perfect platform

TikTok’s algorithm is built to make content go viral quickly, pushing intriguing life hack videos to millions. Scammers exploit this by creating clips that appeal to people looking for a bargain. The platform’s short, visual format is perfect for demonstrating a quick fix without providing any context or warnings.

Many of these scam accounts are faceless and appear to be generated just for this purpose. They use AI-generated voices and stolen visuals to create a veneer of legitimacy, making it hard for the average user to distinguish them from a real tutorial.

You’re doing the hacker’s job

The most ingenious part is that you are doing all the work yourself. This method is incredibly effective because attackers don’t need to break into your computer. There’s no malicious email link to click or a shady website that might trigger a security warning.

By convincing you to willingly run the command, they bypass most common cybersecurity defenses. You are essentially opening the front door and inviting them in, which makes the attack far more likely to succeed than traditional hacking methods.

The long history of clickfix

While it’s now on TikTok, the ClickFix technique has been around for over two decades. It started in the early 2000s with alarming browser pop-ups claiming your computer was infected with viruses. The “fix” offered was, of course, the very thing that would infect it.

The scam has evolved over the years, shifting to fake locked documents, exclusive offers, and now, software activators. The core principle remains the same: create a sense of urgency or desire and offer a deceptively simple solution that is actually a trap.

Red flags you must watch for

How can you tell a scam video from a real one? Be extremely suspicious of any video instructing you to use Windows PowerShell or Command Prompt for activating software. Legitimate companies never require users to run complex commands for activation.

Other major warning signs include videos with comments turned off, brand-new accounts with few other posts, and instructions that tell you to disable your antivirus software first. If it seems too good to be true, it almost always is.

The high price of a free upgrade

The consequences go far beyond just your computer. Once your passwords are stolen, attackers can access your social media, email, and even bank accounts. They can use your email to reset passwords for other services, locking you out of your own digital life.

If you use online banking or payment apps, your financial security is directly at risk. The attackers could drain your accounts, make unauthorized purchases, or use your stolen information to commit identity theft, which can take years to fully resolve.

How to truly stay safe online

The best defense is a healthy dose of skepticism. Never copy and run commands from an unverified source, especially from social media. Always download software directly from the official company websites or authorized retailers, even if you have to pay for it.

Keep your computer’s operating system, web browser, and security software updated at all times, as these updates often patch security holes. Using a reliable ad-blocker can also help prevent you from seeing some of the malicious pop-up ads that promote these scams.

Secure your accounts proactively

Make it a habit to use strong, unique passwords for every important website, especially your email and bank accounts. Consider using a reputable password manager to generate and store them for you. This limits the damage if one of your passwords is stolen.

Enable multi-factor authentication (MFA) on every account that offers it. This means even if a hacker gets your password, they still need a second code from your phone to log in, effectively blocking their access.

What if you already ran the code?

If you suspect you’ve already fallen for this scam, act quickly. Immediately run a full scan with your antivirus software and consider using a second, offline scanner for a deeper check. You should assume all passwords stored on that computer are compromised.

Start changing the passwords for every important account you have, beginning with your email and financial services. Do this from a different, clean device to ensure the malware on your infected computer can’t capture your new passwords.

Protect your friends and family

Now that you know about this scam, you can help protect others. Talk to your friends and family, especially younger or less tech-savvy relatives, about this specific danger on TikTok. Explain that free activation codes are a major red flag.

If you see an instruction to paste commands or disable security software report the video to the platform and do not run any suggested commands.

If you’re curious about the forces that could shape TikTok’s future, find out if Perplexity could take over TikTok.

Your digital life is worth protecting

There is no magical command that will unlock expensive software for free. Legitimate companies have robust security systems, and any bypass you see on social media is almost certainly a scam. Paying for software or using official free trials is the only safe path.

Your personal data and online security are far more valuable than the price of any software license. Protecting your digital life is worth the investment, saving you from the immense hassle and potential financial loss of a malware infection.

Want to see just how easy it is for hackers to grab freebies? Check out the McDonald’s breach and learn how to protect yourself.

Have you or someone you know ever spotted one of these too good to be true TikTok scams? Share your experience in the comments, and don’t forget to share this post.

Read More From This Brand:

• TikTok Takes Aim at Google Maps
• TikTok Just Got a Life-Saving Feature
• TikTok Adds AI-Powered Accessibility Features for Users

Don’t forget to follow us for more exclusive content right here on MSN.

If you liked this story, you’ll LOVE our FREE emails. Join today and be the first to get stories like this one.

This slideshow was made with AI assistance and human editing.