AI-Generated TikTok Videos Spread Malware

Thumbnail Image

The information displayed in the AIM should not be reported as representing the official views of the OECD or of its member countries.

Multiple reports reveal malware actors using AI-generated TikTok videos to spread infostealer malware. These deceptive videos instruct users to run commands that install malware, leading to data theft and privacy breaches. The campaign, leveraging trends like the ClickFix tactic, presents significant risks to personal and intellectual property security.[AI generated]

Why's our monitor labelling this an incident or hazard?

The event involves AI-generated content (deepfake videos and AI-generated voice) used maliciously to deceive users into executing harmful commands, resulting in theft of credentials and sensitive information. This constitutes harm to individuals' property and privacy, fitting the definition of an AI Incident where AI system use directly leads to harm. The AI system's role is pivotal in enabling scalable, convincing social engineering attacks that cause realized harm.[AI generated]
AI principles
Privacy & data governanceRobustness & digital securityTransparency & explainabilityAccountabilityRespect of human rightsSafety
Industries
Media, social platforms, and marketingDigital securityConsumer services
Affected stakeholders
Consumers
Harm types
Human or fundamental rightsEconomic/PropertyReputational
Severity
AI incident
Business function:
Marketing and advertisement
AI system task:
Content generation

Articles about this incident or hazard

Thumbnail Image

No, That TikTok Video Won't Help You Get Free Software

2025-05-27
Forbes
Why's our monitor labelling this an incident or hazard?
The event involves AI-generated content (deepfake videos and AI-generated voice) used maliciously to deceive users into executing harmful commands, resulting in theft of credentials and sensitive information. This constitutes harm to individuals' property and privacy, fitting the definition of an AI Incident where AI system use directly leads to harm. The AI system's role is pivotal in enabling scalable, convincing social engineering attacks that cause realized harm.
Thumbnail Image

TikTok fans beware - experts warn dangerous malware spread by AI fake videos

2025-05-26
TechRadar
Why's our monitor labelling this an incident or hazard?
The event involves the use of AI systems to generate fake instructional videos that mislead users into running malicious commands, resulting in malware infections. This directly causes harm to individuals by compromising their data and privacy, fitting the definition of an AI Incident due to violations of rights and harm to individuals. The AI's role in creating convincing fake content is pivotal to the success of the attack, and the harm is realized as users are tricked and infected. Therefore, this is classified as an AI Incident.
Thumbnail Image

AI videos on TikTok are tricking users into downloading malware

2025-05-23
Mashable
Why's our monitor labelling this an incident or hazard?
The event involves AI-generated videos used maliciously to deceive users into downloading malware, which directly harms users by compromising their devices. The AI system's role in generating convincing videos is pivotal to the social engineering attack's success. The harm is realized (malware infection), meeting the criteria for an AI Incident. The use of AI-generated content to facilitate malware distribution is a direct cause of harm to property and user security, fitting the definition of an AI Incident.
Thumbnail Image

These AI-Generated TikTok Videos Are Tricking People Into Installing Malware

2025-05-23
Lifehacker
Why's our monitor labelling this an incident or hazard?
The AI system's role is in generating the misleading instructional videos that trick users into executing malicious commands, which directly leads to malware infections and data theft. This constitutes harm to property and personal data, fulfilling the criteria for an AI Incident. The harm is realized, not just potential, as users are being tricked and infected. Therefore, this event qualifies as an AI Incident.
Thumbnail Image

New TikTok Trend Installs Malware on Your PC -- Here's What to Avoid

2025-05-23
Android Headlines
Why's our monitor labelling this an incident or hazard?
The event involves AI-generated content (AI system) used maliciously to cause harm by spreading malware that steals sensitive personal and financial data. This directly leads to harm to individuals' property and privacy, fitting the definition of an AI Incident. The AI system's use in generating deceptive videos is pivotal to the harm caused. Therefore, this event qualifies as an AI Incident.