ClickTok
The SparkKitty Drop on TikTok Shops

.webp)
Overview
CTM360 has identified a global malicious campaign dubbed ClickTok, targeting TikTok Shop users and affiliates. Threat actors use fake Meta ads, AI-generated videos, and lookalike domains to trick victims into phishing sites and trojanized app downloads.
Over 10,000 fake sites and 5,000+ malicious apps have been detected, many distributing the SparkKitty spyware, enabling data theft from compromised devices.
The campaign bypasses traditional payment flows by hijacking transactions via crypto wallets, expanding beyond TikTok’s official markets into a worldwide threat. CTM360 continues to monitor and takedown these threats in real time.