VERY IMPORTANT

Attackers are exploiting TikTok videos to distribute malware, disguising it as free software activations. The campaign uses social engineering techniques to trick users into executing malicious PowerShell code. The malware downloads additional payloads, including AuroStealer, and establishes persistence through scheduled tasks. One payload employs a self-compiling technique, generating code to inject shellcode into memory. Multiple TikTok videos have been identified as part of this campaign, targeting different software products. The attack leverages the ClickFix technique and has gained traction with hundreds of likes on the platform.