TikTok Flaws Allowed Hackers to Delete Videos, Steal User Info

From csirt.cy

Naval Network Warfare Command user awareness bulletin

Security researchers found several vulnerabilities within TikTok’s infrastructure that made it possible for potential attackers to hijack accounts to manipulate users’ videos and steal their personal information.

TikTok is a social media platform owned by Beijing-based ByteDance, with offices around the world, servers based in the countries where its iOS and Android apps operate, and it is used for sharing short-form looping mobile videos of 3 to 60 seconds.

The platform’s Android app currently has over 500,000,000 installs according to Google Play Store stats and has crossed the 1.5 billion installs mark on all mobile platforms during November 2019 according to Sensor Tower Store Intelligence estimates.

Read more…