High profile TikTok accounts, including CNN, Sony, and—er—Paris Hilton have been targeted in a recent attack.
CNN was the first account takeover that made the news, with Semafor reporting that the account was down for several days after the incident. According to Forbes, the attack happens without the account owner needing to click on or open anything—known as a zero-click attack. All they need to do is open a DM. The account is then taken over and the user loses access.
Read more…
Source: Malwarebytes Labs
Related:
- FBI worked with Ukraine intelligence agency to remove social media accounts
July 10, 2023
The FBI colluded with a Ukrainian intelligence agency in an effort to disrupt Russian disinformation campaigns by flagging social media accounts in a failed effort that ensnared a verified Russian-language U.S. State Department account and others, the House Judiciary Committee said in a report released Monday. The report said the FBI partnered with the SBU, one ...
- Telegram has become a window into war
July 7, 2023
Since the invasion of Ukraine in February 2022, Telegram has gained an outsize influence on one of the world’s most watched conflicts. “Telegram is fantastic for many, many reasons and for the fact that we’ve managed to see what is happening at such a crucial point in history,” says Jordan Wildon, digital investigator and founder ...
- Hackers threaten to leak 80GB of confidential data stolen from Reddit
June 19, 2023
Hackers are threatening to release confidential data stolen from Reddit unless the company pays a ransom demand – and reverses its controversial API price hikes. In a post on its dark web leak site, the BlackCat ransomware gang, also known as ALPHV, claims to have stolen 80 gigabytes of compressed data from Reddit during a February ...
- UK man pleads guilty to hijacking Twitter accounts including of Joe Biden and Elon Musk
May 10, 2023
A British man has pleaded guilty over his role in schemes to hack the Twitter accounts of celebrities including Joe Biden and Elon Musk, as well as stealing $794,000 in cryptocurrency. Joseph James O’Connor, 23, entered his guilty plea in a New York court after being extradited from Spain on 26 April. Read more… Source: The Guardian
- Welcome to open source, Elon. Your Twitter code just got a CVE for shadow ban bug
April 7, 2023
The chunk of internal source code Twitter released the other week contains a “shadow ban” vulnerability serious enough to earn its own CVE, as it can be exploited to bury someone’s account of sight “without recourse.” The issue was discovered by Federico Andres Lois while reviewing the tweet recommendation engine that’s said to power Twitter’s For ...
- White House ‘very in favor’ of bill thought to target TikTok
March 26, 2023
One of the authors of a Senate bill that would enable the US commerce department to ban technologies with links to foreign governments has said the Biden White House is “very in favor” of the measure, but stopped short of saying whether the administration has discussed possibly prohibiting the Chinese-owned platform TikTok in particular. Appearing on ...