The malicious campaign *ClickTok*, discovered by CTM360, is targeting TikTok Shop users worldwide using fake websites, Trojanized apps, and AI videos to steal cryptocurrency wallets via the *SparkKitty* spyware.

CTM360 has discovered a new global threat — *ClickTok*, a large-scale malicious campaign targeting TikTok Shop, TikTok Wholesale, and TikTok Mall users. The attack is carried out via fake websites that mimic the official TikTok interface and modified apps infected with the *SparkKitty* spyware — a new variant of SparkCat previously detected by Kaspersky.
The scam scenario begins with phishing sites and ads on Meta that lead to fake TikTok stores. There, the user is asked to enter their login or crypto wallet details under the guise of “paying for the order.” On mobile devices, the victim is offered to install the “TikTok App”, which is actually a Trojan. *SparkKitty* accesses the gallery, monitors the clipboard and extracts screenshots to steal private keys or seed phrases.
The campaign has already covered over 10,000 fake sites and 5,000+ infected applications distributed via QR codes, instant messengers and internal downloads. Attackers actively use AI videos and cyber-fraudulent domains with cheap extensions (.top, .shop, .icu, etc.).

ClickTok is not just phishing – it is a hybrid fraud model that combines social engineering, fake TikTok platforms and malware. Unlike conventional attacks, it involves an imitation of the TikTok commercial ecosystem with a complete illusion of legitimacy. Payment is made exclusively via cryptocurrencies – USDT, ETH, etc., without involving bank cards.
CTM360 actively monitors and removes fake resources in real time. Users are advised to be careful:
do not install suspicious APK files;
check domains before paying;
use crypto wallets with clipboard protection.
ClickTok is an example of how artificial intelligence and fake marketing models can combine to create large-scale financial attacks. Fraudsters adapt to new markets faster than regulators or the platforms themselves. Protect your devices, do not trust the “TikTok Shop” outside the official app — and do not enter your keys in questionable places. Read the full CTM360 report to learn more.