Hi Reader,
This is a quick and urgent notification of a breaking story that is happening right now:
If you are a TikTok user, do not open your DMs.
There is an ongoing security threat that requires NO interaction from you. This is known as a zero-click attack.
You don’t need to click on any links or reply to the message as just opening up a DM will trigger the malicious code. Once activated, the code allows the hacker to take over your account even if you have 2-factor authentication!
TikTok Security Team is aware of this and has confirmed that this is legit.
So far, the “big name” accounts that have been compromised are Paris Hilton, CNN, and Sony. Other “high-profile” accounts are also impacted but their names have not been disclosed yet.
This seems to be targeting specific accounts.
What should you do?
As this requires no interaction beyond opening up the DM, it is advised that you only look at the DMs from people you know until there is an announcement that this has been fixed.
What’s next?
The question I am asking is could this spread to other platforms or is this TikTok specific? My guess is that each messaging platform is different this is a TikTok-only issue (at least for now).
I also want to know if this impacts both Android and iOS or just one? So far there is conflicting info…
I am on Twitter where I will update with more info if you want to check it out there.
Keep safe out there,
Liron Segev
