From thehackernews.com
Popular video-sharing platform TikTok has acknowledged a security issue that has been exploited by threat actors to take control of high-profile accounts on the platform.
The development was first reported by Semafor and Forbes, which detailed a zero-click account takeover campaign that allows malware propagated via direct messages to compromise brand and celebrity accounts without having to click or interact with it.
It’s currently unclear how many users have been affected, although a TikTok spokesperson said that the company has taken preventive measures to stop the attack and prevent it from happening in the future.
The company further said that it’s working directly with impacted account holders to restore access and that the attack only managed to compromise a “very small” number of users. It did not provide any specifics about the nature of the attack or the mitigation techniques it had employed.