TikTok, the popular social media platform known for its short-form videos, recently addressed a critical zero-day vulnerability that left high-profile accounts susceptible to unauthorized takeover.

As Forbes reported today, the exploit used by the attackers to hack the accounts via DMs only needs the targets to open the malicious message and doesn’t require downloading a payload or clicking embedded links.

Buy Me A Coffee

“Our security team is aware of a potential exploit targeting many brand and celebrity accounts,” TikTok spokesperson Alex Haurek told Forbes.

“We have taken measures to stop this attack and prevent it from happening in the future. We’re working directly with affected account owners to restore access if needed.”

According to Haurek, the attackers have only compromised a very small number of TikTok accounts. The company has yet to reveal the exact number of impacted users and has not shared any details regarding the exploited vulnerability until the underlying flaw is fixed.

A TikTok spokesperson was not available for comment at the time of publication.

24 Bugs in Chinese Biometric Devices Can Compromise Data