In a disturbing new trend, cybercriminals are weaponizing viral private video leaks to spread malware, and the latest case involves a video allegedly featuring individuals named 'Sofik and Sonali.' The 19-minute and 34-second clip has been circulating on social media platforms, with links promising explicit content. However, those who attempt to download the video are instead infected with malware, part of a campaign orchestrated by a hacker network operating between Pakistan and Bangladesh.
According to reports, the scam relies on classic social engineering: the promise of exclusive or scandalous content. The links, often shared via WhatsApp, Telegram, or shady websites, redirect users to fake download pages that require interaction—such as clicking a 'Download' button or entering personal information. Once the user engages, malicious code is executed, installing trojans, keyloggers, or ransomware on the device.
Cybersecurity researchers have identified multiple domains and IP addresses linked to the campaign. The infrastructure includes command-and-control servers that communicate with infected devices, exfiltrating data or delivering additional payloads. Initial analysis suggests the malware is capable of stealing credentials, capturing screenshots, and even recording audio via the device's microphone. The network appears to be targeting users primarily in South Asia, but the global reach of social media means anyone could be at risk.
Authorities in India have taken note. Police in several states have issued warnings, and the couple allegedly featured in the video has been summoned for questioning. Legal experts note that attempting to download or distribute such content could lead to charges under cybercrime laws, including violations of the Information Technology Act and indecency statutes. The case highlights the intersection of privacy violations and cybersecurity threats, where victims of a leak are also blamed for the consequences.
For cybersecurity professionals, this campaign underscores the need for user education. Social engineering remains one of the most effective attack vectors, and the use of sensational content—like a viral video—is a proven tactic. Organizations should reinforce policies against clicking suspicious links, even from trusted contacts, and implement endpoint protection that can detect and block known malware signatures. Network monitoring can also help identify anomalous traffic to command-and-control servers.
The Sofik and Sonali case is a stark reminder that in the digital age, curiosity can have severe consequences. As the investigation unfolds, more details about the hacker network and the full scope of the campaign are expected to emerge. For now, the best defense is skepticism: if a link promises something too good—or too scandalous—to be true, it likely is.