Threat actors constantly probe for vulnerabilities that give them a way into systems and accounts, and it appears they found one on TikTok. The company says the flaw has already been fixed, but it has released very little information about the issue.
TikTok Vulnerability: Fixed
Users have long been advised to be careful about which messages they open and which links they click, since doing so can install malware or cost them control of their accounts. That is what happened to several high-profile TikTok accounts.
The company said the issue has already been fixed, although it did not disclose how many accounts were affected. A TikTok spokesperson added that the company is already working to restore the hijacked accounts to their owners.
So far, the only accounts known to be affected are those of CNN and Paris Hilton, as reported by Engadget. Fortunately, no visible changes were made to the accounts after the threat actors took them over.
While that is good news, it leaves open the question of why the attackers took over the accounts in the first place. The way the attack worked is concerning, but TikTok has said nothing about the specifics.
According to the reports, the compromise began with a direct message from the attacker. The alarming part is that the recipients did not have to click on anything: this was a zero-click attack, so merely opening the message was enough for the account to be taken over.
Zero-click attacks have previously been used against high-profile targets such as government officials and journalists, where the obvious goal is to gather information. That may also have been the motive behind the recent TikTok attacks.
700,000 Accounts Hacked in 2023
This is not the first time the short-form video platform has seen a surge in account takeovers. In 2023, up to 700,000 accounts belonging to users in Turkey were breached shortly before the country's presidential election. The attack allowed the bad actors to take control of the accounts and to gather information about their owners.
The attack was reportedly made possible by TikTok's use of "greyrouting", the practice of sending SMS messages over unofficial, unsecured carrier routes to avoid the fees set by international telecommunications agreements, as per Forbes.
Although the practice saves TikTok millions of dollars each month and sidesteps guardrails such as rate limits, it weakens the security of the messages users rely on, including the one-time codes sent over SMS to verify logins. TikTok acknowledged the 2023 incident, although it had denied earlier attacks, such as one that took place in September 2022.
TikTok spokesperson Alex Haurek said the company became aware in April of unusual activity affecting the like counts and follow lists of some user accounts, took steps to stop the attack, notified the affected users, and helped them secure their accounts.
He further clarified that TikTok itself was not hacked: none of its internal systems were breached and no company data was stolen. The company said it found no evidence of unauthorized content being posted or sent through direct messages.