Info-Tech

TikTok Fixes Flaw That Allowed Hackers Full Control Over User Accounts

Multiple loopholes allowed potential hackers total control over TikTok accounts

Hackers could collect confidential information from users via SMS containing a malicious link

India is one of its biggest markets with over 300 Mn active users

Chinese short video app TikTok has confirmed fixing a vulnerability in its app that allowed hackers to manipulate content, delete videos, upload unauthorized videos, make private ‘hidden’ videos public and extract confidential information of users via SMS containing a malicious link.

US-based cybersecurity firm Check Point Research exposed the vulnerability — its team discovered multiple loopholes which a potential hacker can use to conduct the attack which gives total control over TikTok accounts.

Currently, TikTok has more than one billion monthly active users across its apps, with India being one of its biggest markets with over 300 Mn active users. India is also one of the fastest-growing markets for TikTok, but the recent breach brings the safety of Indian users into question, many of whom are young adults and teenagers, as well as new users unfamiliar with security threats.

TikTok Security And Privacy Issues

The Check Point Research had also found that the TikTok advertisements subdomain was vulnerable to Cross-Site Scripting (XSS) attacks. This type of attack uses malicious scripts that are injected into trusted websites. Once a user clicks on this, an attacker could access personal information saved on user accounts, including email addresses, birth dates using this vulnerability.

This also comes at a time when TikTok was forced to sell the majority stake in order to remain in the US, which is one of the prominent markets. If the sale happens, the parent company ByteDance is expected to fetch $10 Bn through this deal, the reports stated. However, the US-China trade war has put TikTok in a bad spotlight.

Content Protection by DMCA.com

Check Also
Close
Back to top button