CTM360 has identified a global malicious campaign dubbed ClickTok, targeting TikTok Shop users and affiliates. Threat actors use fake Meta ads, AI-generated videos, and lookalike domains to trick victims into phishing sites and trojanized app downloads. ‍> Over 10,000 fake sites and 5,000+ malicious apps have been detected, many distributing the SparkKitty spyware, enabling data theft from compromised devices. ‍> The campaign bypasses traditional payment flows by hijacking transactions via crypto wallets, expanding beyond TikTok’s official markets into a worldwide threat. CTM360 continues to monitor and takedown these threats in real time.