TikTok Users May Be Vulnerable to Hackers & Data Thieves, Cybersecurity Research Finds

TikTok users, you might want to exercise caution when posting private videos to the app.

Research published on 8 Jan by an Israeli cybersecurity firm revealed a number of security flaws in the TikTok app.

TikTok vulnerableSource

Thankfully, TikTok has been alerted of these findings and said they had fixed all these vulnerability issues by 15 Dec.

Security flaws could give hackers access to TikTok users’ personal data

These vulnerabilities found by the cybersecurity firm, would have allowed hackers to send users messages with malicious links.

Users that clicked on them would then have their accounts seized by the hackers, giving them access to private videos and allowing them to manipulate content.

A different vulnerability allowed hackers to extract users’ personal information from TikTok’s website.

Children are particularly vulnerable

Many of TikTok’s users are young, and likely unaware of the appropriate security measures to take, according to the New York Times.

Tiktok vulnerableSource

It is being investigated by the US Federal Trade Commission and the British Information Commissioner’s Office for potential violation of laws that protect the data and privacy of minors and children.

One of the fastest growing apps in South-East Asia

According to The Straits Times last year, TikTok had been downloaded over hundreds of millions of times across the region. Globally, they have over a billion users across 150 countries.

TikTok’s parent company ByteDance also has over 50 offices across South-East Asia.

TikTok vulnerableSource

To date, it is still a popular app in Singapore.

Vulnerabilities reportedly fixed

TikTok was made aware of the research last Nov, and has since reported that it fixed all of them by 15 Dec 2019.

In the meantime, there are other things you can do to protect your data.

tiktok vulnerable attackA hacked message designed to look like a legitimate message from TikTok. Note the URL at the bottom that contains a malicious link.
Source

Do not click on suspicious links sent by unknown users. If you receive a message that looks like it came from TikTok, take a moment to verify its authenticity by contacting TikTok through another channel.

Parents should also monitor their children’s activity on the app, and ensure that they are aware of what a malicious attack looks like.

Featured image adapted from LifeHacker.