TikTok said it has patched a vulnerability that could have allowed for a cyberattack targeting high-profile accounts. as reported Axios. A TikTok spokesperson added that the company is currently working to restore access to affected users.
The social media giant didn’t say how many accounts were hit, but we do know this CNN and Paris Hilton were the targets. The hack involved sending messages full of malicious code to users. When the user opened the message, the code was triggered and took over the entire account. Ironically, the affected accounts did not post anything while they were compromised.
Apart from taking over the TikTok accounts of celebrities, it is still unclear who is behind the attack and what their ultimate goal is. TikTok remains mum on the features related to the vulnerability that allowed the attack in the first place. This kind of hack is quite rare, so it shouldn’t be a big concern for average users.
The hack is known as a zero-click attack, meaning you don’t need to click on anything to get infected. In this case, users simply had to open a direct message. The method used here is similar to zero-click spyware attacks, except that these hackers target high-profile government officials and journalists in order to secretly gather information. This attack took over the entire account for unknown purposes.
This isn’t the first major TikTok hack. Over 700,000 accounts last year Turkey made a compromise due to invalid SMS channels. Microsoft researchers In 2022, he discovered a flaw that allows hackers to bypass accounts with just one click. Later that year, an alleged security breach affected more than a billion users. That’s a lot of people.