Hijacking Scheme Takes Over High-Profile TikTok Accounts

Hijacking malware gets spread through TikTok's direct messaging and doesn't require the victim to click links or download anything.

Dark Reading Staff, Dark Reading

June 5, 2024


The social media platform TikTok has confirmed that high-profile accounts are being exploited and hijacked by threat actors in a takeover campaign.

The threat was first discovered by Forbes on June 4. Its report revealed that users had received direct messages believed to contain a strain of malware that the threat actors are spreading. The malware reportedly allows the hijackers to take over an account without the targeted victim even having to click on a link or download a file.

Though it is not publicly known how many of these high-profile accounts have been targeted or what kind of malware is being used, TikTok is working with these account holders to address the issue.

"Our security team is aware of a potential exploit targeting a number of high-profile accounts. We have taken measures to stop this attack and prevent it from happening in the future," a TikTok spokesperson stated.

As of now, Forbes and Semafor have confirmed that the CNN TikTok account has been taken over and that the accounts for Sony and American media personality Paris Hilton have been targeted.
