TechFlow news, August 5 — According to Forbes, a new report from cybersecurity firm CTM360 reveals a hacker campaign dubbed "ClickTok" is targeting TikTok Shop users globally. The attackers have created over 10,000 counterfeit websites and 5,000 malicious apps, using hybrid scam techniques to steal user account credentials and distribute SparkKitty spyware aimed at stealing cryptocurrency wallets.
The campaign has spread beyond the 17 countries officially served by TikTok Shop. Attackers primarily use low-cost domains (such as .top and .shop) to set up phishing sites and distribute malware via malicious QR codes and download links.
Security experts advise users to access TikTok Shop only through the official app, carefully verify website authenticity, and avoid downloading software from unknown sources.




