In November 2019, Check Point, a Cybersecurity firm, pointed out various vulnerabilities in the popular video-sharing social networking service TikTok. The cybersecurity firm claims that it reported the vulnerabilities to ByteDance, TikTok’s parent company, as soon as they were discovered and even though ByteDance declared that it had addressed the problem, the damage was already done.
The application has been breaking all barriers when it comes to popularity. It achieved a 1.5 billion global user base in just over 2 and a half years. However, due to its strong Chinese connection, the application has been under American Scrutiny for a while now. Even though TikTok has, again and again, denied any influence with the Chinese government the vulnerabilities have put its users in doubt globally.
According to Oded Vanunu, the Lead Researcher at Check Point:
What we’re trying to make sure people understand is that the cyberspace is something that doesn’t just start and end on a sophisticated platform, but that if you’re in cyberspace, even for day to day activity, your data and privacy are at risk.
Researchers at Check Point found that vulnerabilities would have allowed hackers to either send users malicious links via disguised text messages, which would give them control of the user’s account if clicked.
Another weakness would have also given the hackers a gateway to retrieve user’s personal information as well as allow them to manipulate content in TikTok user accounts, delete videos, upload unauthorized videos, changing private videos to public and reveal personal information like private email addresses.