bleepingcomputer[.]com/news/security/cloned-capcut-websites-push-information-stealing-malware/
A new malware distribution campaign is underway impersonating the CapCut video editing tool to push various malware strains to unsuspecting victims.CapCut is ByteDance's official video editor and maker for TikTok, supporting music mixing, color filters, animation, slow-mo effects, picture-in-picture, stabilization, and more.
It has over 500 million downloads on Google Play alone, and its website receives over 30 million hits monthly.
The application's popularity, combined with nationwide bans in Taiwan, India, and other places, has pushed users to seek alternative ways of downloading the program.
However, threat actors exploit this by creating websites that distribute malware disguised as CapCut installers.