Latest news with #SparkKitty


Mint
12 hours ago
- Business
- Mint
Shocking! Over 10,000 fake TikTok and Facebook shops used to spread malware and steal cryptocurrency: Report
Cybersecurity researchers have reportedly uncovered a large-scale campaign in which cybercriminals are using TikTok Shops to distribute malware and defraud users, particularly younger customers. According to TechRadar, security analysts at CTM360 found that the perpetrators impersonate legitimate e-commerce sellers, often employing AI-generated content to bolster their credibility.
The scam is not confined to TikTok; similar fraudulent storefronts have been detected on Facebook, where enticing advertisements offering steep discounts are used to lure victims, noted the publication. The aim is reportedly twofold: to steal cryptocurrency payments and to compromise personal information through malicious software.
Investigators have linked TikTok Wholesale and Mall-branded pages to more than 10,000 fraudulent URLs. Reportedly, these mimic official retail portals but redirect visitors to phishing websites. Victims are then prompted to pay a deposit into a fake online wallet or purchase goods that do not exist. Some operations pose as affiliate programme managers, distributing disguised malicious applications. Over 5,000 download sources have been identified, many of which employ embedded links or QR codes to evade detection, the report added.
One notable threat, dubbed 'SparkKitty,' is capable of extracting data from Android and iOS devices, allowing attackers prolonged access even after the initial breach.
Because cryptocurrency transfers are irreversible, victims have little chance of recovering their losses. Scammers often deploy countdown timers or limited-time deals to create a sense of urgency, pushing targets to act without verifying authenticity.
Analysis of the fraudulent domains reveals a reliance on inexpensive extensions such as .top, .shop, and .icu, which can be quickly purchased and deployed.
Security experts advise consumers to verify web addresses before making payments, ensure sites use secure HTTPS connections, and avoid unusually steep discounts.
They also recommend sticking to standard payment methods, avoiding direct cryptocurrency transfers, and maintaining up-to-date antivirus software with real-time protection. Firewalls and vigilance, even on polished-looking platforms, remain essential in identifying and avoiding scams.


Express Tribune
21 hours ago
- Business
- Express Tribune
Fake TikTok shops linked to malware campaign targeting cryptocurrency
Cybercriminals are exploiting TikTok's shopping feature to distribute malware and steal funds from unsuspecting users. Reported by cybersecurity firm CTM360, the scheme involves fraudsters creating convincing imitations of legitimate e-commerce profiles, often using AI-generated content to bolster credibility.
These fake 'TikTok Shops' - also seen on Facebook - advertise steep discounts to lure potential buyers. Once users click through, they are redirected to phishing portals disguised as genuine retail sites. According to CTM360, more than 10,000 fraudulent URLs have been traced to TikTok Wholesale and Mall pages.
🚨 15,000+ fake TikTok Shop domains are being used in an AI-powered scam campaign dubbed ClickTok, blending phishing, malware, and crypto theft into one deceptive funnel. From trojanized apps and fake storefronts to AI-generated influencer videos and phishing pages, threat… — Rhythm Jain (@cyphorX) August 5, 2025
The sites offer 'buy links' leading to fake payment pages, where victims, particularly younger audiences, are tricked into depositing funds into counterfeit online wallets or paying for non-existent products. Some operations go further, posing as affiliate management services and distributing malicious apps designed to compromise sellers' devices, as reported by TechRadar.
One identified strain, dubbed SparkKitty, has the capability to harvest sensitive information from both Android and iOS devices, enabling long-term surveillance and control. Investigators say over 5,000 malicious download sources - often spread via embedded links or QR codes - have been uncovered in connection with the campaign.
🚨ALERT: Fake TikTok Clones Target Crypto Users Cyber firm CTM360 warns of 'FraudonTok' 15K+ fake TikTok sites & apps using AI deepfakes + SparkKitty malware to steal seed phrases. 🧠 Tip: Never store seed phrases on your phone. — BeInCrypto (@beincrypto) August 8, 2025
The attackers frequently use high-pressure sales tactics, such as countdown timers and 'flash sales,' to prompt snap decisions. Many of the fraudulent sites operate under low-cost domain extensions like '.top', '.shop', and '.icu', allowing them to be set up quickly and inexpensively.
CTM360 urge users to verify web addresses before entering payment details, avoid direct cryptocurrency or wire transfers, and install robust security software to block malicious sites. 'Even professional-looking storefronts can conceal highly sophisticated scams,' CTM360 noted.


Tom's Guide
7 days ago
- Business
- Tom's Guide
Hackers are using fake TikTok Shops to steal money and spread malware — don't fall for this
Be wary of deals on TikTok Shops that seem too good to be true – they may be malware in disguise. As reported by PCMag, there's currently a campaign making the rounds online where scammers use AI to imitate TikTok sellers and stores in order to trick users into clicking on malicious links or to convince users to send them cryptocurrency.
Cybersecurity firm CTM360 issued a report that uncovered a widespread campaign where threat actors have been capitalizing on the trust that users have in the TikTok brand so that they can hijack accounts, steal money or personal data or distribute malware. The threat actors are creating convincing replicas of TikTok Shop profiles, even including AI-generated videos, which makes users believe that they've landed on a legitimate page.
The campaign is also circulating ads on Facebook and TikTok in which they promise unusually large discounts on products in order to tempt victims as well as to redirect targets to fake versions of both TikTok Wholesale and TikTok Mall. CTM360 has found over 10,000 such fake URLs created to lure shoppers into giving up their login credentials, or to deposit cryptocurrency into fraudulent storefronts.
These threat actors have also leveraged the TikTok Shop affiliate management platform by creating a malicious app designed to take over accounts, steal personal information and even enable persistent device compromise. These bad apps are being distributed through embedded download links and QR codes; CTM360 says they have found more than 5,000 such download sites so far. According to The Hacker News, the malware that is being distributed through the malicious apps is SparkKitty, which can harvest data from either Android or iOS devices.
Victims of the fake affiliate program will be asked to pay in cryptocurrency or to deposit money into a fake on-site wallet and given promises that they will receive future commission payouts or bonuses which, of course, are never paid out.
When shopping online, it's good to follow a few hard and fast rules and the first one is always: If it seems too good to be true, it almost certainly is. Be wary of any deals that use pressure or urgency in their tactics, making you feel like you need to act fast or putting an expiration date on a deal. Likewise, be suspicious of any site that doesn't take traditional payment methods and instead requests payments in gift cards, cryptocurrency wallets, iffy websites or links, or wants a bank account number or other banking information.
Double and triple check URLs to websites to see where they lead; scam sites will often use low cost domains. In the case of this campaign, many of the sites are using domains that end in .top, .shop or .icu. Keep in mind that official shops and affiliate programs are unlikely to reach out to you proactively to ask you to deposit money. And be careful with advertisements, as fake deals are incredibly easy to circulate around social media and we've seen all sorts of malicious ads used in a number of campaigns in recent years.
Finally, you want to make sure you have one of the best antivirus programs installed on your computer. Not only can they keep you safe from malware and viruses but many of them include features that will help protect you while browsing and shopping online like a hardened browser, or alerts that show up when you navigate to sites that have been reported as malicious, a firewall, or VPN.


Forbes
05-08-2025
- Forbes
TikTok Shop Password Warning Issued As ClickTok Hackers Strike
Security researchers have issued a warning about an ongoing hacking campaign, identified as ClickTok, which targets fake TikTok Shop login pages to harvest account passwords. The threat actors have, so far, been observed to have established 10,000 fake sites and 5,000 malicious apps during the campaign, which also distributes SparkKitty spyware to steal cryptocurrency wallets.
ClickTok Hackers Target TikTok Shop Customers
TikTok credential-stealing campaigns have been reported before, but ClickTok is deserving of your immediate attention as it adopts what the researchers called 'a hybrid scam model' combining both phishing and malware specifically targeting the rapidly growing TikTok Shop customer base. 'The scam begins with the impersonation of TikTok's commercial ecosystem, including TikTok Shop, TikTok Wholesale, and TikTok Mall,' the CTM360 security researchers said. These fake sites 'closely mimic the official interface, deceiving users into thinking they're interacting with the real platform.'
The CTM360 analysis, published August 5, revealed that the fake TikTok Shop sites are mostly using either free or very low-cost domains, including .top and .shop. But it's not just these sites that are being used; ClickTok hackers have also distributed more than 5,000 malware-laden apps using a combination of malicious QR codes and embedded download links. The researchers have warned that this scam campaign is 'spreading on a global scale' and targeting users even beyond the 17 countries in which the TikTok Shop is officially available, which include the U.S. and U.K., along with countries in Europe and Asia.
Mitigating TikTok Shop Hack Attacks
Users are recommended to take the following mitigation measures:
I have reached out for a statement regarding the TikTok Shop ClickTok attacks and will update this article in due course.


Hamilton Spectator
02-07-2025
- Hamilton Spectator
This malware found in Google Play and Apple Store can steal photos from your phone — What you need to know about SparkKitty
Don't let the cute name fool you, this dangerous malware can sneak its way into your phone and steal all your photos. Researchers at IT security company Kaspersky recently discovered a new trojan malware hiding inside applications available for download on official app stores Apple App Store and Google Play.
The malware researchers named SparkKitty is a cross-platform trojan, which means it can infect both Android and iOS devices. A trojan is a sneaky type of virus that hides inside supposedly legitimate applications or documents. Kaspersky researchers found SparkKitty embedded inside applications available on official app stores but some were also found in unofficial app marketplaces, hidden inside fake TikTok app installers, various gambling and adult games, and crypto-related apps.
Once downloaded, it sneaks its way into the device, prompts the user to grant access to the photo gallery and then takes control and steals all the images. 'SparkKitty uploads each and every one of your snapshots to its command-and-control (C&C) server,' the researchers wrote in the report. C&C servers are hacker-controlled computers that send instructions to and remotely control an infected device.
One of the infected apps found on Google Play was a messaging app with crypto exchange features called SOEX, according to the report. The app was uploaded to the Android app store and installed over 10,000 times when the researchers made the discovery.
Image: The SparkKitty-infected app found on Google Play.
'It was still available in the store at the time of this research,' the Kaspersky team said. Kaspersky notified Google, who has since removed the infected app from the app store.
On the Apple app store it was found embedded inside a bitcoin app for tracking cryptocurrency rates. 'We are not sure exactly how this suspicious spy activity ended up in the app,' they said, adding that it's possible that the developers weren't aware that their app was compromised somewhere along their supply chain. But, it's also possible that the developers deliberately embedded the malware into the app, they said.
Researchers also discovered SparkKitty being distributed outside official app stores, with the malware found hidden inside TikTok clones distributed via unofficial channels.
Image: The fake TikTok app carrying the SparkKitty trojan
SparkKitty's predecessor SparkCat, believed to have been spreading since at least early 2024, originally targeted mobile phone users in Asia. However, researchers believe the campaign has gone beyond its original scope and have likely upscaled their operation to target those in other countries and continents, according to the report.
The golden rule 'download apps from official sources only' still applies, the researchers said. However, users should also be aware that apps infected with dangerous malware are also now making their way into official app stores. According to some experts, many developers may be inadvertently adding pieces of malware into applications that are then making their way into official app stores. Other times, legitimate applications that have built a reputable reputation are compromised after a change of ownership.
Kaspersky recommends a number of steps to keep devices safe
In a previous interview with Metroland Media, Estyn Edwards, chief technology officer for Canadian app development company Punchcard Systems said users should take time to read reviews before downloading an app, but added they should also be aware that some reviews can be faked. Taking the time to research an app and the company is also advised. He also warned users to be wary of apps being offered for free online, when they're supposed to be bought in official app marketplaces.
'You'd probably pay for that with your privacy or with whatever they can get from you through fraud,' he warned.