You are currently viewing Researchers Discover Security Vulnerability On ByteDance App TikTok

Researchers Discover Security Vulnerability On ByteDance App TikTok

  • Post author:
  • Post category:Uncategorized
  • Post comments:0 Comments

Security flaws on the TikTok’s video-sharing platform, that could have also allowed hackers to add or delete videos, change privacy settings and steal personal data, have been fixed.

 

This came after researchers gave information about the vulnerability to the developer of TikTok app, ByteDance.

 

Researchers Discover Security Vulnerability On ByteDance App TikTok
TikTok gaining popularity among young adults.

 

Researchers at security firm, Check Point found multiple weak points, all open to the exploitation of hackers.

 

Check Point had told ByteDance of the issues in November 2019. TikTok says they are thankful for the notification and have come up with a solution to the problem. In a statement, the company revealed:

 

“Like many organisations, we encourage responsible security researchers to privately disclose zero-day vulnerabilities to us,

 

“Before public disclosure, Check Point agreed that all reported issues were patched in the latest version of our app. We hope that this successful resolution will encourage further collaboration with security researchers.”

 

A zero-day vulnerability is a  computer-software vulnerability that is unknown to the developer before launch.

 

Check Point says that the app was vulnerable for most of 2019, raising “serious questions” about whether any hacker had discovered it.

Read More:
Update To Windows 10 Now For Free Before Your Windows 7 Expires
Qualcomm Says 5G Tech Will Enter Mainstream In 2020, Are You Ready?
How Many Apps Do You Really Need On Your Smartphones?

It added that ByteDance, meanwhile, “responsibly deployed” a solution within a month of it being informed about the problem.

 

The major issue pertains to TikTok’s handling of users’ mobile phone numbers. Which users must provide when they register for the app.

The security flaws made TikTok vulnerable in a number of ways

Check Point found out that hackers could access these numbers and send texts on behalf of TikTok. Which in turn could also have allowed a hacker to:

  1. Delete videos, change their settings from private to public or upload videos on their behalf.
  2. Force a TikTok user on to a web server controlled by the hacker. Thus, the attacker could send unwanted requests on behalf of the user.
  3. Redirect users to a malicious website masquerading as TikTok.

The US military already told its personnel not to use the Chinese-owned app on government-issued phones. It stated that it has security concerns about possible links to the Chinese government.

 

However, it looks like some military personnel still use the app privately.

 

Initially popular in Asian countries, the short video creation platform has, however, experienced huge growth in recent years and now has 1.5 billion downloads.

 

Make sure to follow Plat4om on Twitter @Plat4omLive, on Instagram @Plat4om, on LinkedIn at Plat4om, and on Facebook at Plat4om. You can email us at info@plat4om.com. Also, don’t forget to subscribe to our YouTube channel HERE.

Leave a Reply