One of the world’s most trending apps TikTok was plagued with security vulnerabilities which could have allowed hackers to get hold of user accounts through simply an SMS. TikTok is available in over 150 countries and boasts over 1 billion users around the world. TikTok has become one of the fastest-growing and popular apps globally.
This security flaw was discovered by Researchers at Israeli cybersecurity firm Check Point Software Technologies Ltd, who released detailed research on how attackers could hack into TikTok accounts. These spoofed SMS messages can be sent with a malicious link which would give hackers access to the user’s TikTok account. When inside, attackers could delete videos, upload unauthorised videos and make private or hidden videos public on TikTok. It also gave attackers the potential to reveal personal information of TikTok users like their email addresses.
Check Point also discovered that TikTok’s subdomain ads.tiktok.com was vulnerable as well. Under this, the help section which contains information on creating ads for TikTok could be abused by attackers.
Check Point’s investigation went on for the past few months which led to these discoveries. TikTok was reported of these security vulnerabilities and have been patched in the app’s latest version. However, the company is yet to reveal how many or if any user has been affected by this hack. TikTok users are advised to update the app to the latest version from the Play Store and App Store.