Cyber security news for all


    Several Gaps In Tiktok Allowed Attackers To Access User Data

    Security researchers have discovered a number of vulnerabilities in the popular video app Tiktok. At the heart of the vulnerability was a feature on the Tiktok website that allowed attackers to text Tiktok to their potential victims. The attacker could then have integrated his own link into the SMS. This way you could have forwarded victims to a phishing site. It was also possible to send commands to the victim’s Tiktok app using the link, for example to delete or create videos on your behalf. In addition, private videos could have been converted into public videos.


    Tiktok User Data Was At Risk

    The researchers also found a way in their tests to access sensitive user data such as email address, date of birth or payment information via the Tiktok API. There were security mechanisms that should have prevented unauthorized access to this data, but the security experts were able to override them.

    Attackers were able to use the vulnerabilities to access and manipulate the content and user accounts of Tiktok users. The attackers were also able to gain access to the user accounts and thus obtain personal information such as email addresses and contact details. The attackers only had to send a fake SMS message to a user with a correspondingly prepared link. As soon as this link was clicked, the attackers could access the user account. In this way, unauthorized persons could also gain access to private videos of Tiktok users.

    Marketing Threat On Tiktok?

    More and more brands and companies are also creating an account on TikTok in order to reach the young target group. The download numbers show how high the marketing potential of the platform can be, but company accounts also have to deal with the security of the platform. The US Army recently prohibited its soldiers from using the app on their service smartphone after attempting to recruit new soldiers via the platform in October. They stated that TikTok was a potential security risk for the United States.

    Recent Articles

    Unclear cyber attacks that target Covid-19 vaccine campaign

    Security researchers have discovered some cyber attacks that are targeted against the delivery of vaccine against COVID. The targeted attacks began in 2 months...

    New malware called Egregor is on the rise

    New malware is on the rise. The Egregor malware has only been in active for 2 months, but it is already becoming apparent that...

    Anyone with a smartphone can become a victim of cyber-mobbing

    Cyber-mobbing is becoming a huge risk in the current COVID crisis. According to a study, almost 20 percent of students in Germany are exposed...

    macOS Trojans: Traces lead to Vietnam

    Security researchers have discovered a new macOS Trojans. Behind this could be a well known hacker group that has spied on Vietnamese dissidents in...

    Court forces Tutanota to perform a surveillance function

    Tutanota email only stores its user mails in encrypted form and cannot read them itself. Tutanota is one of the few email providers that...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox