There are more and more platforms that collapse under the weight of millions of lines of code, within which it is increasingly challenging to discover an error. For this reason, the real problem is the vulnerabilities that we do not yet know.
Whether it’s due to sloppiness or malice, vulnerable apps that put user data at risk are full of stores. The latest great news on the matter (as well as the first of 2020) concerns the chatted Chinese social network TikTok. Do you know TikTok puts users’ privacy at risk? In this article I’ll tell about this topic.
Getting know: how TikTok puts users’ privacy at risk
Fortunately, it appears that the weaknesses identified by the cybersecurity company Check Point Research. It is disclosing on January 8th, are attributable to the first category – the approximation – rather than a sophisticated attempt by Beijing to spy on users. As already reported by La Stampa, an attacker could have exploited bugs to take control of personal information and some functions reserved for the user. To do this, the researchers found, several ways used. The first is the so-called SMS Spoofing, or the sending of a message whose sender is TikTok. But which contains a malicious link inside. Clicking this, the user could have been redirected to a phishing page or to the TikTok site itself through the app on the device.
Do you know TikTok puts users’ privacy at risk
Therefore with the permissions linked to the user’s profile. In this way, the researchers discovered that they could force the connection to the pattern from a server. They controlled, and therefore that they could modify some user information without being authorised. In addition to acquiring the personal information related to the profile. A hacker could have made the multimedia content that was set as private-public or deleted, the researchers say. Fortunately, no one seems to have abused this vulnerability, as TikTok security officer Luke Deshotels explained. The important thing is that users update the software to the latest version as soon as possible.
ai ja ful to pora galo 😂😭
Chinese company owns the social network
At the moment we can confirm that there are no traces of the fact that an attack has occurred,” Deshotels reassures. A sign that the timing of the Check Point researchers has produced results. The company reported that it had contacted ByteDance. This Chinese company owns the social network, in December, agreeing on a period in which to resolve software problems before they described in a public report. She called responsible disclosure (this is customary practice in the world of cybersecurity). Demonstration of a secure link between the security of devices, apps, services and commercial products in general and the activity of ethical researchers and hackers. Who monitor what happens between circuits to thwart unexpected, or maliciously hidden, behaviours.
Finally it will be said that, the latter is the suspect raised by the US authorities, who fear the abuse of the app by the Chinese secret services. By now forbidden within the military apparatus. Which could only prohibit its installation on government devices and not on the private ones of the marines – TikTok ended up at the centre of the attention of the policy. Which asks the authorities to verify if it used for to profile US users and to acquire intelligence information useful for enemy operations. I hope now you should be alart TikTok puts users’ privacy at risk.
Also, read this article