According to Deep Tide TechFlow news on August 5, a recent report from the security research organization CTM360 indicates that a hacking operation code-named 'ClickTok' is globally targeting TikTok Shop users. Attackers have established over 10,000 counterfeit websites and 5,000 malicious applications, using mixed fraud methods to steal user account credentials and spread SparkKitty spyware, intending to steal users' cryptocurrency wallets.
The activity has expanded beyond the 17 countries officially covered by TikTok Shop. Attackers mainly use low-cost domain names (such as .top and .shop) to create phishing websites and spread malware through malicious QR codes and download links.
Security experts advise users to access TikTok Shop through the official app, carefully verify the authenticity of websites, and avoid downloading software from unknown sources.
