One of the Cyber Security Companies in the last few months has found an illustration of the potential risk installed within the TIKTOK security application.
Oded Vanunu, Check Point’s head of product vulnerability research said: “The vulnerabilities we found were core to TikTok’s systems”. Tiktok owned by a Chinese company ByteDance, is now available over 140 markets in 75 languages with 1 billion users globally. It is one of the most popular applications mainly used by teenagers and kids to create short videos of 3-60 seconds (mostly lip-sync clips).
According to USA Today, The U.S. Navy thinks TikTok is a threat to national cybersecurity and hence they sent an urging alert to the military personnel and staff to delete the app if they have installed earlier on any government-issued devices.
Chuck Schumer, Senior Democrat of The Guardian published an article where he states “TikTok posses’ potential national security risk”.
TikTok security developers were informed by Check Point Research about the vulnerabilities detected in their research and a solution was responsibly redistributed to ensure its users can safely continue using the TikTok app.
Tiktok is regarded as one of the world’s most downloaded app in 2019. But with these new apps, hackers get the opportunity to target devices that haven’t tested through years of real-world attacks and security researches. Mostly are the young crowd are not even aware of the security updates. This allows cybercriminals to execute vulnerability into their trusted websites.
As per the research, vulnerabilities allow hackers to perform the following cybercrimes:
- • Gain authorization over the TikTok account and manipulate their content
- • Remove videos
- • Upload illegal videos
- • Make hidden videos ‘public’
- • Gain personal information saved in the app (like date of birth, email, etc)
One of the Cyber Security Services found that TikTok offers an option to send SMS to any contact on behalf of TikTok. If you look at the main site, there is a function that allows users to send a text message to their own requesting to download the app. Hackers try to trick the users by creating a fake message that appears to be from TikTok but leads to something malicious. Your click to the link will help the hacker to take control of the account and get all the personal information & data.
TikTok collects information from the users at the time of downloading the app. The terms and condition policy describes how it collects data like location data, cookies, metadata, user content, IP address, and other information. Most of the user permits to give their private data without even reading the policy! One should be concerned enough about the risk that may arise due to a single click.
However, Checkpoint has disclosed their finding to TikTok and they have patched accordingly. TikTok paid $5.7 million to settle the issue but The British Information Commissioner’s Office is still investigating to determine if any violation occurs in the future.
Yes, TikTok’s popularity is increasing simultaneously but a lot of cyber security consultancies raising a point to be concerned before using such an app. To maintain TikTok security must be maintained strongly as the users are providing their personal details by trusting the app!
Leave a Comment:
Get Exclusive Cyber Security Tips On:
Prevention from damage dealt to an organization’s reputation.
Investments on fixing the issues caused by attack.
Preventing confidential data and Intellectual Property being stolen
Prevention of revenue loss due to service disruption and much more.