According to the latest report, the most popular video-sharing app of China TikTok had several security vulnerabilities. “Check Point,” a cybersecurity firm said it found defects that could allow hackers to take control of TikTok users accounts and manipulate the content, delete and upload videos and reveal private data such as personal email address. It comes after a keen analysis of the Chinese-owned platform.
The findings regarding TikTok will steam up the arguments. Especially from the United States politicians, that TikTok – owned by ByteDance, a Chinese firm – is a national security threat. The cybersecurity company found that it’s easy to send a usual text message to any phone number on behalf of Chinese based TikTok. On the official website of the app, there is an option that allows the users to send messages to themselves to download the application.
On the other hand, hackers might create a fake text message that might show as an official message from TikTok, but in fact, contained a malicious code to retrieve users’ personal information. Check Point stated that it revealed the findings to TikTok and they patched it.
Tik Tok’s Security Team official statement
Security team member of TikTok, Luke Deshotels said in a statement that TikTok loyal to protect user data. Just like many other firms, they encourage responsible security investigators to reveal zero-day weaknesses to them confidentially. CheckPoint agreed that before public revelation, all reported issues patched in the latest version of their app. He adds that they are hopeful that this successful resolution will inspire future teamwork with security researchers.
The security patch is not likely to dismiss the concerns of the lawmakers of the United States who shows their fear that the app may be a national security threat. Furthermore, TikTok is the main subject of a Committee on Foreign Investment in the U.S. or CFIUS (Committee on Foreign Investment in the U.S.), national security review into its gaining of Musica.ly, a mobile application it bought in 2017. A person aware of the matter told CNBC last year that the investigation stems in part from the risks the committee observes from the access of the Chinese government to the data and user profiles of the app.