There is a new TikTok zero-day vulnerability that has already hacked various celebrities, brand accounts, and more on the platform. It was reported that this was done through the app's Direct Messages (DMs).
Various victims have already been affected by this latest attack, and it did not take much effort apart from the accounts opening their messages.
TikTok Hack: New Zero-Day Targets Celebrities, Brand Accounts via DM
A new report from Forbes detailed a recent sophisticated attack against TikTok, which was able to hack the accounts of celebrities, brands, companies, and more via its DMs.
While these accounts may have had hundreds or thousands of messages awaiting them, the one with the zero-day exploit could access their profiles without much effort.
It was said that this new malware did not require any special actions from the hackers. Also, no links needed to be clicked or opened, but this still led to massive access to their accounts. Companies like CNN and Sony were reportedly breached, as well as renowned business mogul, personality, and socialite Paris Hilton.
Fortunately, it was reported that there were no unusual posts on these accounts or any other actions on the attackers' end, but it is still a dangerous precedent that their plans remain unknown.
Read Also : TikTok to Share a 'US Copy' of App Algorithm For Continued Operations-Will It Avoid Ban?
TikTok Zero-Day: Company is Aware, Now Working Against It
Gizmodo reported that TikTok had already acknowledged the latest attack on users, targeting brand and celebrity accounts on the platform. For now, TikTok has taken the proper measures to mitigate the attack and prevent it from happening further on the platform against other users.
Moreover, TikTok is already working directly with the victims to restore access to their accounts.
TikTok Security Issues and Problems
Previously, Microsoft discovered a 'one-click' exploit on TikTok's Android version, which endangered its users, but it was quick to deliver a fix against this.
TikTok faced different attacks from threat actors, and one of them centered on a massive data breach that led to the attackers gaining access to user records on the platform.
Despite hacking groups claiming that they could access TikTok's systems, the company denied that this happened, saying there were no discoveries in its investigations about the access.
Social media platforms have seen them being targets of different methods of attacks from threat actors for a long time now, especially as they hold the personal and sensitive information of various users, celebrities, companies, and the public alike.
The company confirmed this latest zero-day exploit on TikTok and is working with the victims to restore their access, but this shows that this new attack is massive and can target just about any user on the platform.