Bussiness
Hackers break in to ‘high-profile accounts’ including CNN in ‘zero day’ attack
Hackers have planted malicious code in high-profile TikTok accounts including that of hotel heiress Paris Hilton as well as the official page of CNN, according to reports.
The malware is being spread through TikTok via its direct messaging function, Forbes reported on Tuesday.
The hack is a so-called “zero-day” attack — meaning that the hacker learned of the vulnerability before the software developers who thus have “zero days” to prevent it. Certain attacks are exploited through vulnerabilities that sometimes take the developers days or weeks to discover.
CNN was forced to take down its TikTok account for several days after a hacker broke into it last week, Semafor reported earlier on Tuesday.
A spokesperson for the Warner Bros. Discovery-owned news channel told Semafor that it was “working with TikTok on the backend on additional cybersecurity measures” to ensure that it will be safe in the run-up to this fall’s presidential election.
Semafor cited several CNN staffers as saying that the news network had grown lax with its cybersecurity measures.
One CNN staffer told Semafor that dozens of their colleagues had access to the TikTok account.
But another network source told the site that the breach did not appear to be the result of someone gaining access from CNN’s end.
A TikTok spokesperson denied that Hilton’s account was hacked.
“Our security team is aware of a potential exploit targeting a number of high-profile accounts,” the company rep told The Post.
“We have taken measures to stop this attack and prevent it from happening in the future. We’re working directly with affected account owners to restore access, if needed.”
The Post has sought comment from CNN and Hilton.
Last summer, TikTok acknowledged that as many as 700,000 accounts in Turkey had been compromised due to the company’s use of insecure methods of two-factor authentication.
In 2022, Microsoft researchers said they found a vulnerability in TikTok that allowed hackers overtake accounts with a single click.
American lawmakers have been suspicious of TikTok, the popular social media app owned by Chinese tech conglomerate ByteDance.
President Biden signed into law a measure requiring ByteDance to sell TikTok’s US operations due to concerns that Americans’ private data could wind up in the hands of the Chinese government.
ByteDance has until January to sell TikTok or face a US ban. The company, which has filed suit in court against the law, has denied claims its user data is at risk.