新闻来源:www.foxnews.com
原文地址:Beware of TikTok’s danger that could be a malware menace to your life
新闻日期:2024-07-20
请注意TikTok的危险,它可能对您的生活构成威胁。
TikTok遇到困难,黑客也在努力加剧其苦恼。TikTok账户被恶意代码控制,导致了包括Paris Hilton和CNN在内的名人和品牌官方账号受到劫持。在平台上,黑客通过直接消息(DM)发送了恶意软件。
用户不需要点击任何链接或下载文件,只需打开消息即可让设备感染。
为避免TikTok账户遭到恶意DM攻击,请遵循以下步骤:
1. 安装强大的反病毒软件,以保护自己免受phishing攻击和勒索软件的影响。不要点击可疑链接或提供敏感信息,除非您可以验证请求的合法性。
2. 使用强大且独特的密码,并避免使用同一个密码登录多个在线账户。考虑使用密码管理器来安全存储和生成复杂密码。这会帮助您创建难以猜测的独特密码,并将所有密码存储在一处,让您不再需要记忆它们。
3. 启用二步身份验证。当可能时,启用二步身份验证以增加一个额外的安全层次,要求您输入第二种验证方式,例如发送到手机的验证码,除了您的密码外。
4. 及时更新TikTok应用程序。定期更新TikTok应用程序,以避免遭到黑客攻击。在这个过程中,也请更新反病毒软件、网络浏览器和其他应用程序,以确保您拥有最新的安全补丁和保护措施。
5. 检查隐私设置,确保您的TikTok隐私设置已经配置正确。限制可以发送直接消息、评论视频和查看个人资料的人员。这有助于减少黑客可能与您发生不良互动的风险。
6. 监控账户活动。TikTok提供了账户活动记录,您可以检查哪些设备访问了您的账户。如果发现未知设备,请立即更改密码并登出所有设备。TikTok也提供了报告问题的渠道,可以在应用程序中报告问题。
Kurt的重要结论:TikTok需要加强其系统以避免黑客入侵用户账户。由于最近的事件主要影响着名人和高级账户,坏分子也可能攻击普通用户。考虑到安全隐患,我建议不要使用TikTok,或至少在使用时保持极高的警惕性。如果有人通过消息问您,请不要随意点击或发送数据。黑客喜欢以压力迫使人们采取行动,所以请先深呼吸,再仔细思考后再行动。
原文摘要:
TikTok is having a tough time, and hackers are working hard to add to its misery. A malicious code took over accounts on TikTok and compromised the official presence of celebrities and brands, including Paris Hilton and CNN. The hackers behind this sent malware via direct messages (DMs) on the platform. Users didn’t have to click any links or download any files to get hacked. Just opening the message was enough for a device to be infected. GET SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR KURT’S NEWSLETTER – THE CYBERGUY REPORT HERE What you need to know about TikTok DMs exploit Hackers are apparently targeting high-profile TikTok accounts. So far, accounts from CNN, Sony and Paris Hilton have been targeted. CNN was the first account that got hacked, and it was reportedly down for several days after the incident. The attack reportedly happens without the account owner needing to click on or open anything, known as a zero-click attack. All they need to do is open a DM, and the account can be taken over, leaving the rightful owner locked out. The vulnerability might lie in how content is processed when a DM is opened. Similar weaknesses have been identified before, such as vulnerabilities in the Chromium browser triggered by fabricated images. RETAIL PRICES CAN JUMP IN SECONDS WITH HIGH-TECH STORE PRICE TAGS We reached out to TikTok, and a spokesperson told CyberGuy, “Our security team is aware of a potential exploit targeting a number of high-profile accounts. We have taken measures to stop this attack and prevent it from happening in the future. We’re working directly with affected account owners to restore access, if needed.” The hack appears to be a “zero-day” attack, which means the bad actors discovered the vulnerability in TikTok’s code before the developers did. TikTok had zero days to prevent it. ANDROID BANKING TROJAN MASQUERADES AS GOOGLE PLAY TO STEAL YOUR DATA TikTok has a history of getting hacked This is not TikTok’s first hacking incident. In 2023, over 700,000 accounts in Turkey were hacked because TikTok’s two-factor authentication system wasn’t secure enough. This all happened right before an important presidential election in Turkey, which made things even messier. In 2022, security experts at Microsoft found a major flaw in the TikTok app. All it took was clicking a bad link and hackers could hijack your account. Concerns about TikTok’s data security and its connection to ByteDance, its Chinese parent company, have also captured the attention of lawmakers. The U.S. government fears China uses the app to spy on Americans or to influence the messages they see. President Biden has even signed a bill forcing ByteDance to either sell its U.S. TikTok operations or face a ban in the country. HOW TO PROTECT YOURSELF WHEN YOUR CELLPHONE NUMBER IS EXPOSED ON DARK WEB ANDROID USERS AT RISK AS BANKING TROJAN TARGETS MORE APPS 6 ways to protect yourself from TikTok DM danger To make sure your TikTok account doesn’t get hacked by malicious DMs, follow these steps. 1. Use strong antivirus software to protect against phishing attempts: Stay vigilant when it comes to emails, phone calls or messages from unknown sources asking for personal information. Avoid clicking on suspicious links or providing sensitive details unless you can verify the legitimacy of the request. The best way to protect yourself from clicking malicious links that install malware that may get access to your private information is to have antivirus protection installed on all your devices. This can also alert you of any phishing emails or ransomware scams. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android & iOS devices. 2. Use strong and unique passwords: Create strong passwords for your accounts and devices and avoid using the same password for multiple online accounts. Consider using a password manager to securely store and generate complex passwords. It will help you to create unique and difficult-to-crack passwords that a hacker could never guess. Second, it also keeps track of all your passwords in one place and fills passwords in for you when you’re logging into an account so that you never have to remember them yourself. The fewer passwords you remember, the less likely you will be to reuse them for your accounts. Get more details about my best expert-reviewed password managers of 2024 here. 3. Enable two-factor authentication: Enable two-factor authentication whenever possible. This adds an extra layer of security by requiring a second form of verification, such as a code sent to your phone, in addition to your password. 4. Keep your TikTok app up to date. Regularly update your TikTok app to avoid getting hacked. While you’re at it, update your antivirus software, web browsers and other applications to ensure you have the latest security patches and protections. 5. Review and adjust privacy settings: Ensure that your TikTok privacy settings are appropriately configured. Limit who can send you direct messages, comment on your videos and view your profile. This reduces the risk of unwanted interactions with potential hackers. 6. Monitor account activity: Regularly check your account activity for any unusual behavior or unauthorized access. TikTok provides a log of devices that have accessed your account. If you notice any unfamiliar devices, immediately change your password and log out of all devices. Also, to report suspicious activity on your account, TikTok provides channels to report a problem in its app. HOW TO REMOVE YOUR PRIVATE DATA FROM THE INTERNET Kurt’s key takeaways TikTok needs to strengthen its system to ensure hackers don’t access users’ accounts. While the latest incident seems to be affecting celebrities and high-profile accounts, bad actors may also start targeting common users. Given these security concerns, it should come as no surprise that I advise against using TikTok, or at the very least, to use it with extreme caution. Meanwhile, be cautious. If someone messages you asking you to click on something or send them something, don’t just do it. Scammers love pressuring people to act fast. So, take a breath and think twice before you click. HUMANPLUS ROBOT CAN GO FROM PLAYING PIANO TO PING-PONG TO BOXING Do you think government intervention is necessary to improve the security of social media platforms? Let us know by writing us at Cyberguy.com/Contact For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter Ask Kurt a question or let us know what stories you’d like us to cover Follow Kurt on his social channels Answers to the most asked CyberGuy questions: CLICK HERE TO GET THE FOX NEWS APP Copyright 2024 CyberGuy.com. All rights reserved.
