Celebrity TikToks Hacked by DM
Arecent zero-day exploit has compromised high-profile TikTok accounts, including those of celebrities and brands, by spreading malware through direct messages that infects devices upon opening, without requiring any further user action. The incident highlights ongoing security challenges faced by the popular social media platform.
Zero-Day DM Exploit
The malware exploits a previously unknown vulnerability in TikTok's code, allowing hackers to seize control of accounts without the need for user interaction beyond opening the infected DM. This type of attack, known as a 'zero-day' exploit, leaves developers with no time to patch the flaw before it is actively exploited.
High-Profile Accounts Breached
Hackers have recently targeted high-profile TikTok accounts, including those of CNN, Paris Hilton, and Sony, by exploiting a vulnerability in the platform's direct messaging system. The malware, which spreads through DMs, does not require any user interaction beyond opening the message, making it particularly insidious. CNN's account was deactivated following the breach, and the organization is collaborating with TikTok to enhance security measures. Meanwhile, Paris Hilton's account remains active despite earlier reports of it being compromised.
Previous TikTok Hacks
TikTok has faced several significant security breaches in recent years. In 2021, a vulnerability in the platform's two-factor authentication system led to the compromise of approximately 700,000 accounts in Turkey. The following year, Microsoft researchers identified a flaw in the Android version of the app that allowed hackers to take control of accounts with a single click on a malicious link. These incidents underscore the ongoing challenges TikTok faces in securing its platform against sophisticated cyber threats.