Researchers at Israeli cybersecurity company Check Point Software Technologies Ltd. (Nasdaq: CHKP) have found a grave security breach in smartphone video clip app TikTok. One of the world's most downloaded apps, TikTok is especially popular among young people and has more than a billion users worldwide.
Check Point's researchers found a vulnerability that would have enabled hackers to send messages with a malicious link. The moment users opened the link, the hacker would be able to manipulate data including erasing all the user's video clips, replacing them with other clips and most damagingly make the user's personal clips public.
In addition, Check Point's researchers found that on the app's site at https://ads.tiktok.com, hackers would be able to obtain private details that users had left when registering including full names, home addresses, emails and date of birth.
Check Point informed TikTok about the flaw and the app has already been amended.
The Check Point researchers who found the flaw were Alon Boxiner, Eran Vaknin, Alexey Volodin, Dikla Barda, and Roman Zaikin
Check Point head of product vulnerability research Oded Vanunu said, "Most users assume that popular apps are especially secure but hackers invest major resources and effort in order to penetrate them because of the vast personal data in them about every user. Our researchers have proven that even the most popular apps in the world are at risk."
Published by Globes, Israel business news - en.globes.co.il - on January 8, 2020
© Copyright of Globes Publisher Itonut (1983) Ltd. 2020