CYBERCRIMINALS are increasingly using short-form video platforms like TikTok and Instagram Reels to distribute malware disguised as scams promising free software. Two active campaigns trick users into running malicious PowerShell commands or visiting harmful download sites. The malware, identified as Vidar, targets sensitive data such as browser passwords, cookies, and 2FA data, sending it to the attackers' servers.
To protect against these threats, users should only download software from official sites, be wary of unofficial versions, and avoid following dubious online instructions. Verifying the source of downloaded files and using updated anti-malware solutions are also recommended.