Yuliya Taba/E+/Getty Images
Follow ZDNET: Add us as a preferred source on Google.
ZDNET's key takeaways
TikTok is a delivery platform for ClickFix social engineering attacks.
We found live video examples of the scam for Photoshop and Windows.
Clickfix is a popular new method of choice for threat actors.
TikTok is being exploited as a delivery platform to spread information-stealing malware and other payloads, with free software acting as the bait.
On October 17, Senior ISC Handler Xavier Mertens said in a post published on the SANS Institute's Internet Storm Center website that the wave of attacks on TikTok leverages ClickFix social engineering techniques to dupe victims into downloading malware onto their systems.
Also: This new cyberattack tricks you into hacking yourself. Here's how to spot it
In the example video posted by Mertens, a scammer has posted content -- with over 500 likes -- which pretends to provide watchers with an easy way to activate Photoshop for free.
... continue reading