Users absolutely do not follow these videos on TikTok

These videos make enticing promises like giving users free access to popular paid services like Netflix, Spotify, Microsoft 365, Adobe Photoshop, CapCut Pro, and Discord Nitro.

In the videos, a robotic voice guides viewers through “a few simple steps” to bypass the payment system of paid apps.

The core requirement is that the user copies and runs a piece of PowerShell code on his computer.

However, instead of unlocking the software, this command sequence immediately downloaded malware from a hacker-controlled website.

According to security consultant Xavier Mertens, this is a new variant of the "ClickFix" attack, which manipulates users into performing dangerous actions to bypass security systems.

The virus used in this campaign is Aura Stealer, a malware specifically designed to steal data.

Once activated, it will quickly collect all the information found on the computer, especially passwords saved in the browser, login information, cookies and even private keys of cryptocurrency wallets.

All this stolen data is then sent to a remote server, where hackers can use it to launch other cyber attacks or attempt to log into the victim's bank account.

The prestigious French technology news site 01Net further pointed out that this new wave of attacks is particularly dangerous because it uses mass-generated AI content, making them appear convincing.

Notably, many videos attract hundreds of thousands of likes and hundreds of shares.

The most important recommendation for users is to never run any scripts, commands or codes found in TikTok videos, Discord groups, forums or any other social networks.

If users suspect they have been scammed, they should immediately change all their important passwords.

Source: https://dantri.com.vn/cong-nghe/nguoi-dung-tuyet-doi-khong-lam-theo-nhung-video-nay-tren-tiktok-20251022120011620.htm