TikTok Struggles with Zero-Click Attacks Targeting Celebrities

Popular video platform TikTok has been grappling with a security issue that allowed attackers to hijack high-profile accounts.

According to reports from Semafor and Forbes, attackers launched a zero-click exploit through direct messages. This malware compromised accounts without users needing to click on anything suspicious.

The exact number of affected users remains unknown, but TikTok claims it’s a “very small” number. The company has taken steps to stop the attack and is working with impacted users to regain control of their accounts.

This isn’t the first time TikTok has faced security concerns. In the past year, researchers identified vulnerabilities that could have allowed attackers to build user databases or take over accounts with a single click. Additionally, large-scale account compromises were reported in Turkey due to insecure messaging channels.

Attackers have also misused TikTok trends to spread malware. For instance, the “Invisible Challenge” was exploited to deliver information-stealing malware.

These incidents raise concerns about the app’s security, particularly regarding its potential for data collection and propaganda. This has led to bans on the app in some countries and restrictions on government devices in others. TikTok is currently challenging a U.S. ban in court, arguing it infringes on free speech rights.

TikTok Struggles with Zero-Click Attacks Targeting Celebrities

TikTok Struggles with Zero-Click Attacks Targeting Celebrities

Critical Vulnerabilities in Ubuntu’s needrestart Utility Expose Servers to Root Access

Hackers taking advantage of the TikTok challenge to hack users’ devices

Shein Android App Puts User Privacy at Risk