TikTok has confirmed that it has acknowledged a security issue that led to high-profile accounts being compromised via a zero-click attack. According to reports from Semafor and Forbes, malware spread via direct messages led to the takeover of brand and celebrity accounts without users having to click.
TikTok spokesperson Alex Haurek said: “Our security team is aware of a potential exploit targeting multiple brand and celebrity accounts. We have taken measures to stop this attack and prevent it from happening in the future. “If necessary, we are working directly with affected account holders to restore access.”
TikTok's Chinese origins have led to concerns that the app could be used to collect sensitive information about American users, prompting a law to ban the app unless it leaves ByteDance. TikTok filed a lawsuit challenging this law, stating that the ban was an “extraordinary interference with free expression rights.” Many countries such as India, Nepal, Senegal, Somalia and Kyrgyzstan have imposed similar bans on TikTok. Countries such as the USA, the UK, Canada, Australia and New Zealand have banned the use of the application on government devices.
You can review the details of the relevant news from the link below: https://thehackernews.com/2024/06/celebrity-tiktok-accounts-compromised.html
Disclaimer
Dear visitor,
This news article is for informational purposes only and has been prepared with the aim of increasing awareness against attacks and taking precautions accordingly. We remind you that it is not legal to use the information in this article for purposes other than its intended purpose, and we recommend that you apply it in your test environments beforehand. Otherwise, we declare that CyberArts has no responsibility for any errors, omissions or malfunctions that may arise in your systems due to this situation, and cannot be held responsible for any direct or indirect damages or losses that may arise therefrom.
Regards,
CyberArts Informatics Incorporated Company
To request a quotation for the following: Cyber Security, Digital Transformation, MSSP, Penetration Testing, KVKK, GDPR, ISO 27001 and ISO 27701, please click here.