Big name TikTok accounts hijacked after opening DM | Malware

High profile TikTok accounts, including CNN, Sony, and—er­—Paris Hilton have been targeted in a recent attack.

CNN was the first account takeover that made the news, with Semafor reporting that the account was down for several days after the incident.

According to Forbes, the attack happens without the account owner needing to click on or open anything—known as a zero-click attack. All they need to do is open a DM. The account is then taken over and the user loses access.

Malwarebytes’ Pieter Arntz explained how this sort of attack could happen:

“If they don’t need to click on anything, this could well be a vulnerability in the way content is loaded when opening the DM. We’ve seen similar vulnerabilities before in Chromium browser, for example when fabricated images are loaded.”

TikTok says it has now fixed the issue and is working to get the accounts back to their rightful owners.

Spokesperson Alex Haurek told Forbes:

“Our security team…”


Advertisement Gaming:   Xbox  |  Xbox Bundles  |  Nintendo  |  Playstation  |  Cards   |   Manor Lords   |   Horizon Forbidden West
FTC: We use income earning affiliate links. More on Sposored links.
Terms of use and third-party services. More here.

Ad Amazon Minecraft the game, plus clothing, toys, and accessories.

Ad Amazon Gaming Laptops, clothing, games and more

Ad Amazon MUSIC Artists Merch Shop

Stay connected throughout the year with official, ongoing Microsoft podcasts.
Microsoft Podcasts Apple | Microsoft podcasts YouTube

Related Posts