Microsoft has found a high-severity vulnerability inside the TikTok Android app which allows the hijacker to send messages, access and upload videos.
TikTok is one of the most popular apps on the market and is available to all users with 1.5 billion downloads being popular globally as a competitor in social media and as a video platform. Shockingly Android operating phones are very common and these two aspects have intersected with a flaw allowing attacks incredible levels of access.
Researches found that the flaw worked on all regional variations. Attackers would need to link multiple issues together with the critical part being a malicious link. Researchers claim once the first part of the link was completed personal data was accessible by the attacker.
TikTok attackers access and use
Attackers could access personal data which means they could acquire all forms of information such as age name and possibly location alongside email. Enabling the uploading of videos including private and public sending messages and generally having the same level of access as the owner is the other aspect of this system being compromised.
How it worked
Last weeks article on EE is available here.
Our active fundraising for Air Ambulance is found here we appreciate any donation.