{"id":16461,"date":"2025-08-12T09:05:37","date_gmt":"2025-08-12T09:05:37","guid":{"rendered":"https:\/\/ipp-news.com\/?p=16461"},"modified":"2025-08-12T09:05:37","modified_gmt":"2025-08-12T09:05:37","slug":"fake-tiktok-shops-linked-to-malware-campaign-targeting-cryptocurrency","status":"publish","type":"post","link":"https:\/\/ipp-news.com\/?p=16461","title":{"rendered":"Fake TikTok shops linked to malware campaign targeting cryptocurrency"},"content":{"rendered":"<div>Cybercriminals are exploiting TikTok\u2019s shopping feature to distribute malware and steal funds from unsuspecting users.<\/p>\n<p>Reported\u00a0by cybersecurity firm CMT360, the scheme involves fraudsters creating convincing imitations of legitimate e-commerce profiles, often using AI-generated content to bolster credibility.<\/p>\n<p>These fake \u201cTikTok Shops\u201d &#8211; also seen on Facebook &#8211; advertise steep discounts to lure potential buyers. Once users click through, they are redirected to phishing portals disguised as genuine retail sites.<\/p>\n<p>According to CTM360, more than 10,000 fraudulent URLs have been traced to TikTok Wholesale and Mall pages.<\/p>\n<p>\ud83d\udea8 15,000+ fake TikTok Shop domains are being used in an AI-powered scam campaign dubbed ClickTok, blending phishing, malware, and crypto theft into one deceptive funnel.<\/p>\n<p>From trojanized apps and fake storefronts to AI-generated influencer videos and phishing pages, threat\u2026 pic.twitter.com\/46Zi1Gritp<br \/>\n\u2014 Rhythm Jain (@cyphorX) August 5, 2025<\/p>\n<p>The sites offer \u201cbuy links\u201d leading to fake payment pages, where victims,\u00a0particularly younger audiences, are tricked into depositing funds into counterfeit online wallets or paying for non-existent products.<\/p>\n<p>Some operations go further, posing as affiliate management services and distributing malicious apps designed to compromise sellers\u2019 devices, as reported by TechRadar.<\/p>\n<p>One identified strain, dubbed SparkKitty, has the capability to harvest sensitive information from both Android and iOS devices, enabling long-term surveillance and control.<\/p>\n<p>Investigators say over 5,000 malicious download sources &#8211; often spread via embedded links or QR codes &#8211; have been uncovered in connection with the campaign.<\/p>\n<p>\ud83d\udea8ALERT: Fake TikTok Clones Target Crypto Users<\/p>\n<p>Cyber firm CTM360 warns of \u201cFraudonTok\u201d 15K+ fake TikTok sites &amp; apps using AI deepfakes + SparkKitty malware to steal seed phrases.<\/p>\n<p>\ud83e\udde0 Tip: Never store seed phrases on your phone. pic.twitter.com\/fpPIYzG9pa<br \/>\n\u2014 BeInCrypto (@beincrypto) August 8, 2025<\/p>\n<p>The attackers frequently use high-pressure sales tactics, such as countdown timers and \u201cflash sales,\u201d to prompt snap decisions.<\/p>\n<p>Many of the fraudulent sites operate under low-cost domain extensions like &#8216;.top&#8217;, &#8216;.shop&#8217;, and &#8216;.icu&#8217;, allowing them to be set up quickly and inexpensively.<\/p>\n<p>CMT360 urge users to verify web addresses before entering payment details, avoid direct cryptocurrency or wire transfers, and install robust security software to block malicious sites.<\/p>\n<p>\u201cEven professional-looking storefronts can conceal highly sophisticated scams,\u201d CTM360 noted.<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Cybercriminals are exploiting TikTok\u2019s shopping feature to distribute malware and steal funds from unsuspecting users. Reported\u00a0by cybersecurity firm CMT360, the scheme involves fraudsters creating convincing imitations of legitimate e-commerce profiles, often using AI-generated content to bolster credibility. These fake \u201cTikTok Shops\u201d &#8211; also seen on Facebook &#8211; advertise steep discounts to lure potential buyers. Once [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[],"class_list":["post-16461","post","type-post","status-publish","format-standard","hentry","category-english-news"],"_links":{"self":[{"href":"https:\/\/ipp-news.com\/index.php?rest_route=\/wp\/v2\/posts\/16461","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ipp-news.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ipp-news.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ipp-news.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ipp-news.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=16461"}],"version-history":[{"count":0,"href":"https:\/\/ipp-news.com\/index.php?rest_route=\/wp\/v2\/posts\/16461\/revisions"}],"wp:attachment":[{"href":"https:\/\/ipp-news.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=16461"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ipp-news.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=16461"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ipp-news.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=16461"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}