Serious security issues found in a very popular iOS/Android app - PhoneArena
Save on Samsung Galaxy S22 Ultra

Serious security issues found in a very popular iOS/Android app

iOS Android Apps
@wolfcallsputs
7
Serious security issues found in a very popular iOS/Android app
TikTok, the widely popular short-form video app, is used mostly by teens to produce lip-syncing videos 3 seconds to 15 seconds in length. Loops as long as 60 seconds can be created and shared. But there have been serious questions regarding the security of the app. Back in April, after the app was the most downloaded social media title during the first quarter (#1 on Android, #2 on iOS), the Peterson Institute for International Economics called TikTok a "Huawei-sized problem." Why? Because the app was developed by a Chinese company. The Peterson Institute's worry was that the app can gather intelligence in the form of location and biometric data and send it to Beijing.

Senators Chuck Schumer (D-NY) and Tom Cotton (R-AR) last year requested in a letter to Joseph Macguire, the acting director of national intelligence, that TikTok be the subject of a national security investigation. The lawmakers wrote that they were concerned about who sees the personal data generated by TikTok users in the U.S. In a subsequent email, Senator Schumer wrote "apps like TikTok...may pose serious risks to millions of Americans and deserve greater scrutiny." The New York Times published a story last November stating that the app is indeed under national security review.

Research firm finds exploits on top-ranked iOS and Android app TikTok


But there are other security issues related to the app. Today, Check Point Research published a report in which it notes that "In the last few months we have seen evidence of the potential risks embedded within the TikTok application." The report also states that the Army has banned the use of the app on government phones after using it to try to get recruits.  Check Point focuses on some serious vulnerabilities found in the TikTok app that left some gaping security holes that could have be used against users. These issues could allow a hacker to manipulate and delete the content of TikTok account holders, make private videos accessible to the public, and release account holders' personal information such as their email address.

Check Point Research discovered that the aforementioned issues can take place when a bad actor sends a spoofed SMS to a TikTok member and makes it appear as though it came from TikTok itself. While smartphone users can send an SMS message to themselves that delivers a link allowing them to install the TikTok app, this feature can be hijacked and used to send to unsuspecting users a phony link that could lead their TikTok account to be hacked. The video that accompanies this article, produced by Check Point, shows these different security issues that TikTok users could have been subject to.


According to the research firm, after contacting the developer of TikTok "a solution was responsibly deployed" that allows users of the app to use it safely. In a statement, TikTok security team member Luke Deshotels said, "TikTok is committed to protecting user data. We hope that this successful resolution will encourage future collaboration with security researchers."

The app is owned by Beijing ByteDance Technology Company and the U.S. is reportedly looking at the latter's purchase of Musical.ly. This was an app similar to TikTok and was ultimately merged into the latter after the transaction closed. The deal is being looked at by the Committee on Foreign Investment in the United States (CFIUS). This committee examines foreign purchases of U.S. companies to make sure that there are no national security issues related to the transaction. When ByteDance made the purchase, it failed to clear it with CFIUS which is why the deal is now under review.

For those still interested in installing TikTok, if you're using an iOS device you can download it from the App Store. Android users can install the app from the Google Play Store.

Loading Comments...

Latest News

Samsung takes an ax to its Galaxy S22 series pricing and throws in a free Galaxy Watch 4
Samsung takes an ax to its Galaxy S22 series pricing and throws in a free Galaxy Watch 4
New leak 'confirms' Google's Pixel 7 and 7 Pro will share many key specs with the Pixel 6 duo
New leak 'confirms' Google's Pixel 7 and 7 Pro will share many key specs with the Pixel 6 duo
Samsung follows Apple's suit with big smartphone production cut of its own
Samsung follows Apple's suit with big smartphone production cut of its own
Feature-packed Fitbit Sense smartwatch scores all-time high discount
Feature-packed Fitbit Sense smartwatch scores all-time high discount
Google Pixel 6a camera: Everything we know
Google Pixel 6a camera: Everything we know
Guess the phone quiz: Let's test your eagle eye!
Guess the phone quiz: Let's test your eagle eye!

Popular stories

iPhone 14 to be iPhone 13S: Steve Jobs’ masterpiece reaches peak, but Apple makes the Max out of it
iPhone 14 to be iPhone 13S: Steve Jobs’ masterpiece reaches peak, but Apple makes the Max out of it
A powered-off iPhone is hacker's gold, research shows
A powered-off iPhone is hacker's gold, research shows
Disney World guest loses Apple Watch on ride leading to $40K in fraudulent credit card charges
Disney World guest loses Apple Watch on ride leading to $40K in fraudulent credit card charges
T-Mobile vs Verizon vs AT&T: same old 5G winner further extends lead in new tests
T-Mobile vs Verizon vs AT&T: same old 5G winner further extends lead in new tests
Pixel 6 and Tensor after 7 months: Google’s super-smart chip sets the bar low for Pixel 7 to shine
Pixel 6 and Tensor after 7 months: Google’s super-smart chip sets the bar low for Pixel 7 to shine
Pixel 6 series gremlins are at it again
Pixel 6 series gremlins are at it again
FCC OKs Cingular\'s purchase of AT&T Wireless