Major accounts on TikTok were taken over by hackers Tuesday, including CNN, Sony, and Paris Hilton, according to a report from Forbes. And while it doesn’t appear that the hackers have posted anything to the accounts, the method reportedly didn’t include the targets doing anything more than opening a direct message.
Forbes reports the malware that allows hackers to take over TikTok accounts doesn’t require the target to actively click on a link or download any software. Every hacked account was reportedly taken over simply because the user opened a DM.
“Our security team is aware of a potential exploit targeting a number of brand and celebrity accounts,” a TikTok spokesperson told Gizmodo over email. “We have taken measures to stop this attack and prevent it from happening in the future. We’re working directly with affected account owners to restore access, if needed.”
Semafor first reported on Monday that hackers infiltrated CNN’s TikTok account last week, forcing the media network to go without its TikTok presence “for several days,” but details have been scarce. The Semafor report tried to imply it was the fault of CNN’s team for growing lax with operational security, but news about other accounts getting hacked on Tuesday may suggest it wasn’t CNN’s fault at all.
“Our security team was recently alerted to malicious actors targeting CNN’s TikTok account. We have been collaborating closely with CNN to restore account access and implement enhanced security measures to safeguard their account moving forward. We are dedicated to maintaining the integrity of the platform and will continue to monitor for any further inauthentic activity,” a TikTok spokesperson told Gizmodo.
TikTok has gotten plenty of attention this year as a political football, with hawks of the New Cold War insisting the app poses a threat to national security in the United States over its alleged ties to the Chinese government. Congress passed a law, signed by President Joe Biden in April, that will force TikTok’s parent company ByteDance to divest from the app or be banned entirely from the country. And while several potential suitors have raised their hand in very public ways—including Kevin O’Leary and Steve Mnuchin—it remains to be seen whether ByteDance is even open to selling the company.
Roughly 33% of American adults have ever used TikTok, making it a tremendously popular service, according to recent research from Pew, but it’s still behind sites like YouTube (83%), Facebook (68%), and Instagram (47%), but ahead of LinkedIn (30%), Twitter (22%), and Reddit (22%).