The social media big TikTok is working with the homeowners of high-profile accounts to handle an account takeover marketing campaign concentrating on distinguished customers of the platform.
On Tuesday, Forbes reported that sources inside TikTok imagine a pressure of malware is being unfold by unidentified menace actors via the platform’s direct message function. The malware permits hackers to take over an account with out victims having to click on on any hyperlink or obtain something.
“Our safety crew is conscious of a possible exploit concentrating on quite a lot of high-profile accounts. We have now taken measures to cease this assault and stop it from occurring sooner or later,” a TikTok spokesperson instructed Recorded Future Information in an announcement.
“We’re working straight with affected account homeowners to revive entry, if wanted.”
Whereas the present variety of victims is unknown, Forbes and Semafor have confirmed that CNN’s TikTok account was taken over. The hackers additionally focused the account of Paris Hilton and a Sony model account, in keeping with the positioning.
A TikTok spokesperson declined to reply questions on what sort of malware was getting used, what number of accounts have been compromised or who the attackers is likely to be.
Hackers have beforehand used the social media platform as a option to unfold malware, with a number of campaigns being recognized lately. In 2022, hackers used a preferred TikTok problem to get folks to obtain information-stealing malware.
Forbes famous that Microsoft beforehand found a vulnerability within the TikTok app on Android units that allowed hackers to take over accounts after victims clicked a malicious hyperlink despatched via direct messages.
TikTok modified its head of world safety in 2022 to Kim Albarella, who continues to be serving within the position.
Recorded Future
Intelligence Cloud.
Be taught extra.