The good last few months of TikTok continue with the news that hackers used malicious code to take over accounts of tiktok celebrities and brands According to a Forbes report, official accounts of Sony, Paris Hilton and CNN have reportedly been affected by the hacking
Responsible hackers are sending malware through the app's DMs Apparently, this malware does not require the victim to click on the link or download the software Instead, all you have to do is open the DM where the malware is present, and your device will get infected
This hack seems to be a "zero-day" attack, and since the developers knew about the vulnerabilities in tiktok's code before they did, they had zero days to prevent it
Semafor's newsletter reported that CNN had to delete the company's account A spokesperson told Semafor that the company had been lax in cybersecurity But the problem is off-site because 1 out of dozens of CNN employees with access opened the DM, a regular part of the management of social media brands
For now, hackers seem to be targeting the accounts of brands and celebrities like Paris Hilton The average user will probably not be affected, but for safety, it's best not to open the Dm until Tiktok announces a fix or patch for an ongoing problem
tiktok has a support page with suggestions on how to deal with hacked accounts The usual suggestions presented include resetting the password, removing an unknown device and 2-factor authentication by adding a phone number
TikTok is no stranger to big hacks Last year, more than 700,000 accounts were hacked in Turkey because of poor two-factor authentication methods in the app
In 2022, Microsoft reported a vulnerability in the Android version of its Tiktok app that allowed hackers to take over accounts by simply clicking a specific link 1 time
Beyond hacking, TikTok is an ongoing battle with the US government to avoid being banned in America President Joe Biden has signed a measure requiring TikTok's parent company, ByteDance, to sell the company's US operations
This ban is probably done to prevent Americans' personal data from being in the hands of the Chinese government
Last month, ByteDance published DCCircuit challenged the law in the US Court of Appeals That lawsuit is ongoing
Comments