Microsoft had earlier warned of a dreadful ClickFix malware in its Digital Defense Report 2025. And now, cybercriminals are using TikTok worldwide to reach to distribute this dangerous form of malware. Several viral clips are being disguised as software activation tutorial that claims to unlock premium apps like Windows, Microsoft 365, and Adobe Premiere for free. But instead of unlocking anything, it installs dangerous malware onto users’ devices.
TikTok is being used for malware attacks
Almost all the videos on TikTok follow a similar trend. A creator tries to demonstrate how to “activate” an app by copying a short code into the Windows Run box. However, what most people don’t realize is that the code provided in the TikTok video is a command that downloads and executes a malware attack using a file called Aura Stealer.
Once the malware is installed on the device, it secretly starts collecting personal information. It stores data such as saved passwords, cookies, crypto wallet data, and other app credentials. Researchers have also reported that the code can fetch an additional payload. This means that it might very well be executing other tasks in parallel.
Here’s how you can stay safe from these attacks
The most worrying part of the malware attack is how realistic it looks. Some short videos on the platform are even using legitimate branding and editing to appear “safe” and “authentic” to the users.
As reported earlier, ClickFix isn’t new. But this time, it’s relying on a new way for installation and carrying out an attack. To stay safe from these kinds of malware attacks, the user must avoid copying any system commands or code snippets from any social media apps. Always rely on official and authentic websites/platforms. Using an active anti-virus system can also help, but advanced malware, such as ClickFix, can even hide itself from it.
The post ClickFix Malware Returns — and This Time, It’s Targeting TikTok Users appeared first on Android Headlines.
