TikTok Fixes Zero-Click Bug Targeting High-Profile Accounts

TikTok has fixed a vulnerability that led to a rare type of cyberattack this week. The vulnerability involved hackers sending malware-laden private messages to users. As soon as the infected messages were opened, hackers were able to instantly take over those user’s accounts. The scammers took over CNN’s TikTok account and also made an effort to hijack Paris Hilton’s account, amongst others, Axios reports.A TikTok spokesperson told Axios that it’s actively working with the impacted account owners to help restore access to their accounts.The attacks are thought to be zero-click spyware attacks, according to Forbes. They’re commonly used against high-profile government officials as well as journalists and political activists. With these attacks, hackers traditionally want to gain access to a user’s device to obtain text messages, call history, and other content. In the case of the TikTok attacks, however, the goal was to take over the account entirely. Given the nature of the attack, it is not expected to impact average users.

Recommended by Our Editors

Currently, only two accounts have been identified as targets of the attack; however, more could potentially be named. The company has also yet to identify what vulnerability hackers were able to exploit in order to gain access to the accounts.

How to block people on TikTok

Like What You’re Reading?
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.

We will be happy to hear your thoughts

Leave a reply

Compare items
  • Total (0)
Shopping cart