That free Spotify tutorial on TikTok just stole your passwords. Here’s what to do.

You’re scrolling. A video pops up. Polished. Professional. Someone walks you through getting Spotify Premium for free. No credit card. No subscription. Just a few quick steps.

You follow along. You type the command they show you on-screen.

And just like that, everything on your computer is theirs.

Researchers at ReversingLabs uncovered two active campaigns using TikTok and Instagram Reels to spread a dangerous piece of malware called Vidar. The accounts look legitimate. Names like “windows.tips” and “windows.insights.” Windows-style branding. AI-generated voice-overs. The videos are so polished that most people watching have no idea anything is wrong.

The promise is always the same: free access to premium software. Spotify. Microsoft Office. Windows activation. The steps they walk you through include typing a PowerShell command into your computer. That command silently downloads and runs a script that installs Vidar in the background while you’re still watching the video.

📲 What Vidar takes

Vidar doesn’t grab a single thing. It takes everything.

Saved browser passwords. Bank login credentials. Credit card numbers stored in your browser. Authentication tokens that let it bypass two-factor protection. Cryptocurrency wallet details. Cookies that keep you logged into your accounts. Even Tor Browser data.

Everything it collects gets sent back in seconds to servers controlled by the attackers. By the time you realize something is wrong, they already have the keys to your entire digital life.

This malware is sold as a service for $300 per lifetime license. It got a stealth upgrade last October that makes it harder to detect. And criminals use social media algorithms, the same ones that recommend cooking videos and puppy clips, to get it in front of millions of people.

One tutorial got more than 100,000 views before it was flagged.

🔒 Do these things right now

1. Never type commands from a social media video. If a tutorial tells you to open PowerShell, Command Prompt or Terminal and type something, stop. That is the attack. No legitimate software activation works this way. Ever.
2. Nothing premium is actually free. Spotify, Microsoft Office, Adobe Photoshop, Windows. If a video promises you can unlock any of these for free with a few easy steps, it’s a scam. Full stop.
3. Change your passwords. If you have followed any tutorial like this in the past few months, change your passwords immediately. Start with your bank, your email and anything financial. Use a password manager, so every account gets a unique one.
4. Turn on two-factor authentication. Go beyond texting. Use an authenticator app. Vidar can steal session tokens, but a hardware key or authenticator app makes it far harder to misuse them.
5. Run a malware scan. Use a trusted security tool to check your device. If anything gets flagged, change every password from a different, clean device first.

The video looked like a shortcut. It was a one-way door.

🏡 Here’s the thing about stolen passwords

When Vidar steals your bank login, that’s bad. When it steals your mortgage servicer login, it can be catastrophic.

Home title fraud starts exactly the way you’d expect after a breach like this. A criminal gets your personal information, forges your signature on a deed and transfers your home into their name. Then they take out loans against your equity or sell the property entirely. You find out after the damage is done.

It recently happened in Ohio. Terry Anderson and Angela Croley forged a quitclaim deed and had it notarized using a fake power of attorney to steal a house from a man with dementia in Jefferson Township. They filed it at the county recorder’s office on Oct. 8. By Oct. 14, his daughter had called the sheriff. By then, someone was already squatting in her father’s house and trying to sell his deed. Anderson and Croley pleaded guilty June 5. Read the full story here.

The FBI says cybercriminals stole more than $275 million through real estate fraud from over 12,000 victims last year alone. And that number is going up.

You worked your whole life for that house. Here’s how Home Title Lock protects it.

🔒 Home Title Lock’s Million Dollar TripleLock Protection works on three levels:

• Lock 1: 24/7 monitoring. Their proprietary software scans the largest property record databases in the country around the clock, watching for any activity tied to your title. Any filing. Any change. Any attempt.
• Lock 2: Urgent alerts. The moment something hits your title, you get notified. Not days later. Not in a monthly report. Right away, while you can still do something about it.
• Lock 3: Restoration. If fraud does occur, their U.S.-based team of title restoration experts goes to work. They’ll spend up to $1 million in legal fees, filing costs and administrative support to fix the fraud and restore your title.

✅ Go to my.hometitlelock.com/kim for 30 days free. Don’t wait until it’s not your home anymore. — Kim