Ethical Hacking News
Recent AI-driven phishing campaigns have targeted Meta Business Suite users, while another campaign, dubbed "ClickTok," has exploited TikTok Shop users globally with the aim of stealing credentials and distributing trojanized apps. Experts urge individuals and organizations to take proactive measures to protect themselves from these emerging threats.
Cybersecurity has become increasingly complex due to evolving threats from various corners.
A new breed of threat actors is using AI to carry out targeted and sophisticated attacks, such as the "ClickTok" campaign on TikTok Shop users.
The "ClickTok" campaign combines phishing and malware to deceive buyers and affiliate program sellers into making payments in cryptocurrency.
Malicious apps can prompt victims to enter their credentials, which are then exfiltrated to an attacker-controlled server.
Phishing campaigns targeting Meta Business Suite users aim to compromise high-value business assets.
The U.S. Department of the Treasury's FinCEN has issued an advisory to combat fraud and illicit activities involving convertible virtual currency (CVC) kiosks.
Cybersecurity has become an increasingly complex and ever-evolving field, as threats from various corners continue to pose significant challenges for individuals and organizations alike. In recent times, a new breed of threat actors has emerged, leveraging the power of artificial intelligence (AI) to carry out sophisticated and targeted attacks. One such example is the malicious campaign targeting TikTok Shop users globally, with the aim of stealing credentials and distributing trojanized apps.
The campaign, dubbed "ClickTok" by cybersecurity firm CTM360, involves a dual attack strategy that combines phishing and malware to target users. The threat actors exploit the official in-app e-commerce platform through a deceptive replica of TikTok Shop that tricks users into thinking they're interacting with a legitimate affiliate or the real platform. This tactic is designed to deceive buyers and affiliate program sellers (creators who promote products in exchange for a commission on sales generated through the affiliate links) by advertising bogus and discounted products and asking them to make payments in cryptocurrency.
The scam campaign also aims to convince affiliate participants to "top up" fake on-site wallets with cryptocurrency, under the promise of future commission payouts or withdrawal bonuses that never materialize. Furthermore, the malicious app prompts the victim to enter their credentials using their email-based account; the login is made to fail repeatedly, a deliberate move by the threat actors to present the victim with an alternative login using their Google account.
Embedded within the app is SparkKitty, malware capable of device fingerprinting, of using optical character recognition (OCR) techniques to analyze screenshots in a user's photo gallery for cryptocurrency wallet seed phrases, and of exfiltrating them to an attacker-controlled server. The disclosure comes as another phishing campaign dubbed CyberHeist Phish uses Google Ads and thousands of phishing links to dupe victims searching for corporate online banking sites.
In recent months, phishing campaigns have also targeted Meta Business Suite users as part of a campaign called Meta Mirage that uses fake policy violation email alerts, ad account restriction notices, and deceptive verification requests distributed via email and direct messages. This campaign focuses on compromising high-value business assets, including ad accounts, verified brand pages, and administrator-level access within the platform.
These developments coincide with an advisory from the U.S. Department of the Treasury's Financial Crimes Enforcement Network (FinCEN), urging financial institutions to be vigilant in identifying and reporting suspicious activity involving convertible virtual currency (CVC) kiosks. The advisory aims to combat fraud and other illicit activities, as criminals continue to exploit innovative technologies like CVC kiosks.
In light of these emerging threats, it is essential for individuals and organizations to take proactive measures to protect themselves from the rising tide of AI-driven cyber threats. This includes staying informed about the latest security patches and updates, implementing robust cybersecurity measures, such as multi-factor authentication and regular software updates, and being cautious when interacting with suspicious emails or attachments.
Furthermore, it is crucial for businesses to develop a comprehensive cybersecurity strategy that incorporates threat intelligence, security awareness training, and incident response planning. This will help them stay ahead of the threats and minimize the impact of potential breaches.
In conclusion, the rise of AI-driven cyber threats highlights the need for increased vigilance and proactive measures to protect individuals and organizations from emerging threats. By staying informed, taking a proactive approach to cybersecurity, and implementing robust security measures, we can mitigate the risk of falling victim to these sophisticated attacks.
Related Information:
https://www.ethicalhackingnews.com/articles/Lurking-in-the-Shadows-The-Rise-of-AI-Driven-Cyber-Threats-and-How-to-Protect-Yourself-ehn.shtml
https://thehackernews.com/2025/08/15000-fake-tiktok-shop-domains-deliver.html
Published: Tue Aug 5 03:07:14 2025 by llama3.2 3B Q4_K_M