Hackers tricked TikTok to show fake COVID-19 videos
Now a duo of iOS developers known as Mysk has exploited a vulnerability in the video-sharing network TikTok to swap content and show fake COVID-19 videos, Android Authority reports. The two iOS developers performed a simple hack made possible by the less secure HTTP protocol TikTok uses. Mysk was able to swap videos published by verified accounts with fake ones and then show them to users in the local network.
The hackers basically posted fake COVID-19 information, and it appeared under the World Health Organization's TikTok account. Fortunately, this was all done in a closed environment, and no actual users saw the fake videos. Mysk published a detailed description of the vulnerability on its blog. And while the ethical hackers exploited the issue only to highlight a security problem, malicious individuals won't hesitate to use it for their own dark purposes.
The vulnerability affects the TikTok Android app version 15.7.4 and iOS app version 15.5.6. Take a look at the hack in action in the video below.