TikTok confirms a cyber attack that’s targeting high-profile users including Paris Hilton and CNN

  • Cybercriminals send messages on TikTok that open malware

TikTok has confirmed a cyberattack that targeted brands and celebrities including Paris Hilton and CNN.

Hackers have been sending direct messages (DMs) to the high-profile users in an attempt to install malicious software (“malware”) on their devices.

According to experts, this malware gives the cybercriminal remote access to the victim’s TikTok account.

In a statement, TikTok – owned by Chinese company ByteDance – confirmed the hack and described the threat as a “potential exploit.”

“We have worked closely with CNN to restore account access and implement enhanced security measures to protect their account going forward,” the report said.

“We are committed to maintaining the integrity of the platform and will continue to monitor for further inauthentic activity.”

A TikTok spokesperson said Paris Hilton’s account was targeted but not compromised, according to the BBC.

Jake Moore, a technical expert and security consultant at ESET, said this is a type of ‘zero click attack’ – where the TikTok user doesn’t even have to click on a link in the message to be affected.

Instead, opening the untrustworthy message deploys the malware.

“The malware would have granted access to the attacker, making this a software vulnerability that was previously unknown,” Moore told MailOnline.

It’s unclear what the user would have seen by clicking on the offending DM, but it could have been a photo, a video clip, or even just a code.

Malware and ‘spyware’

Malware is a collective term for any type of malicious software, regardless of how it works, what its purpose is or how it is distributed.

The term includes adware, spyware, viruses, Trojan horses and more.

Spyware is a specific type of malware that steals information from a computer and sends it to a third party without the person’s knowledge.

Spyware collects your personal information and passes it on to advertisers, data companies or third party users.

Source: Norton Security

The aim would have been to gain control to then post content, although it is unclear whether this was achieved; Paris Hilton’s account appears to be unaffected.

While primarily high-profile users such as Paris Hilton and CNN were targeted, lesser-known accounts and members of the public may also have been targeted.

“Some users would have opened it unfortunately and innocently,” Moore added.

“I imagine the attackers would have tested it on high-profile accounts first to gain widespread prevalence.”

All TikTok users should be wary of unusual posts on the platform, the cyber expert added.

“Every now and then, an extremely impressive attack execution will be designed that requires little or no interaction from the victim before the malware can be deployed to the account,” Moore said.

“Without warning and by simply opening this rogue message in TikTok’s DMs, it can take over the account, making it very challenging even for the most savvy users.

“Users should remain vigilant for unsolicited messages on the platform and treat opening messages with caution.”

TikTok is currently facing a ban in the US unless it is sold by its Chinese owners, although this hasn’t stopped Donald Trump from recently joining the app despite previously wanting to ban it.

There are concerns among US politicians that the Chinese government could use the app to track Americans, censor content and promote Chinese stories.

The app has already been banned from all devices owned and controlled by the US House of Representatives.

Lawmakers and their staff have received an email asking them to remove the app because it is considered “high risk” due to a number of security issues.

TikTok has been compared to the ‘highly addictive and destructive’ drug FENTANYL by a senior US congressman due to its ‘corrosive impact’

TikTok has been compared to the addictive drug fentanyl by an American politician due to its ‘corrosive impact’ on young Americans.

Mike Gallagher, the new chairman of a new US House of Representatives committee on China, described TikTok as “digital fentanyl,” referring to the addictive opioid painkiller.

Gallagher, who wants TikTok banned in the US, said the app is “highly addictive and destructive” and that it “basically goes back to the Chinese Communist Party.”

“It is highly addictive and destructive and we are seeing disturbing data about the corrosive impact of the continued use of social media, especially on young men and women here in America,” he said.

“The government can’t raise your children, can’t protect your children from you, but there are certain sensible things we can do to create a healthier social media ecosystem.”
