Recently, researchers found major security flaws in TikTok app. Read on to know more about it…
TikTok, the popular app around the world having hundreds of millions of users has been shrouded with controversies in recent times. Recently, researchers found major security flaws in TikTok app. The app, whose parent company is based in Beijing, has been called “the last sunny corner on the internet.” It allows users to post short, creative videos, which can easily be shared on various apps. TikTok, the smartphone app used by hundreds of millions of people around the world, had serious security vulnerabilities that would have allowed hackers to manipulate user data and reveal personal information.
The Security Vulnerability
According to research published Wednesday by Check Point, a cybersecurity firm based in Israel — the vulnerability would have allowed attackers to send TikTok users messages that carried malicious links. Once users clicked on the links, attackers would have been able to take control of their accounts, including uploading videos or gaining access to private videos. A separate flaw allowed Check Point researchers to retrieve personal information from TikTok user accounts through the Check Point’s website.
Check Point’s intelligence unit examined how easy it would be to hack into TikTok user accounts. It found that various functions of the app, including sending video files, had security issues. One vulnerability allowed attackers to use a link in TikTok’s messaging system to send users messages that appeared to come from TikTok. The Check Point researchers tested the weakness by sending themselves links with malware that let them take control of accounts, uploading content, deleting videos and making private videos public.
TikTok learned about the conclusions of Check Point’s research on November 20, last year, and said it had fixed all of the vulnerabilities by December 15.
TikTok’s parent company, ByteDance, is one of the world’s most valuable tech start-ups. But TikTok’s popularity and its roots in China, where no large corporation can thrive outside the good graces of the government, have prompted intense scrutiny of the app’s content policies and data practices.
It has also become a target of lawmakers and regulators who are suspicious of Chinese technology. Several branches of the United States military have barred personnel from having the app on government-issued smartphones. The vulnerabilities discovered by Check Point are likely to compound those concerns. Check Point also sent a summary of its findings to the Department of Homeland Security in the United States. These latest findings is said to increase security and privacy concerns of TikTok app in various US governments.
American lawmakers have expressed concern that TikTok censors material that the Chinese government does not like and allows Beijing to collect user data. TikTok has denied both accusations and said that although ByteDance’s headquarters are in Beijing, regional managers for TikTok have significant autonomy over operations.
Earlier, TikTok has been on the radar of various governments in United States. To recall, The Committee on Foreign Investment in the United States recently has started looking into ByteDance’s 2017 acquisition of Musical.ly, which later merged into TikTok.
Back in February, the Federal Trade Commission filed a complaint against TikTok, which states that TikTok is illegally collecting personal information from minors. According to the complaint, Musical.ly had violated the Children’s Online Privacy Protection Act, which requires online companies to direct children under 13 to get parental consent before collecting personal information. After which TikTok agreed to pay $5.7 million to settle the complaint.