TikTok is an onomatopoeic phrase for a sound that marks the passage of time, but hackers can beat the clock and steal your account information thanks to a severe issue that was just identified in the social media app.
An extremely dangerous flaw in the Android version of the TikTok app was recently discovered, according to a report from the Microsoft 365 Defender Research Team. This “high-severity” flaw, CVE-2022-28799, has been patched, thank goodness.
Millions of Users May Have Been Affected by a Problem in TikTok
Microsoft’s cybersecurity research team defined the problem as a one-click exploit. Cybercriminals could exploit the flaw by luring TikTok users with a “specially constructed link.”
With only one click from the victim, hackers could easily access user accounts, giving them full access to private data. In addition to leaking private footage, attackers might also pose as victims to send messages and upload videos.
According to the Microsoft 365 Defender Research Team, “the vulnerability allowed deep link verification to be circumvented within the app.” “Attackers may coerce the app into loading a specially crafted URL in its WebView, which could then execute arbitrary JavaScript code via the WebView’s associated JavaScript bridges.”
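As an added illustration (not code from TikTok or from Microsoft's report, which this article does not reproduce), the Java example below shows a strict check an Android app can apply before loading a deep-link URL into a WebView that exposes JavaScript bridges. The class name, the allowlisted hosts and the sample URLs are assumptions constructed for this example.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.List;
import java.util.Locale;
import java.util.Set;

public class DeepLinkVerifier {
    // Hypothetical allowlist: hosts whose pages may run in the bridge-enabled WebView.
    private static final Set<String> TRUSTED_HOSTS = Set.of("app.example.com", "help.example.com");

    /** Returns true only if the URL may be loaded in a WebView that exposes JavaScript bridges. */
    static boolean isTrusted(String url) {
        if (url == null) return false;
        final URI uri;
        try {
            uri = new URI(url.trim());
        } catch (URISyntaxException e) {
            return false;                          // unparseable input is rejected, never "repaired"
        }
        if (!"https".equalsIgnoreCase(uri.getScheme())) return false;  // no http:, javascript:, file:
        if (uri.getUserInfo() != null) return false;                   // no user@host authority
        if (uri.getPort() != -1 && uri.getPort() != 443) return false;
        String host = uri.getHost();               // null for opaque or malformed authorities
        if (host == null) return false;
        // Exact match on the parsed host; substring, prefix or suffix checks are not sufficient.
        return TRUSTED_HOSTS.contains(host.toLowerCase(Locale.ROOT));
    }

    public static void main(String[] args) {
        // Constructed inputs: the first and last are legitimate, the rest must be rejected.
        List<String> samples = List.of(
            "https://app.example.com/promo?id=1",
            "http://app.example.com/promo",
            "https://app.example.com@attacker.test/",
            "https://app.example.com.attacker.test/",
            "https://attacker.test/?next=app.example.com",
            "javascript:alert(1)",
            "https://APP.EXAMPLE.COM:443/");
        for (String s : samples) {
            System.out.printf("%-46s %s%n", s, isTrusted(s) ? "load with bridge" : "reject");
        }
    }
}
```

Untrusted URLs can still be opened, but in a separate WebView or browser that has no JavaScript bridge attached.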
According to Microsoft’s security researchers, one Android version of TikTok is available in East and Southeast Asia, while a separate version is used in the rest of the world. The research into both found that the vulnerability was present in “both varieties of the software.” Collectively, they have over 1.5 billion installations via the Google Play Store.
Fortunately, a TikTok representative told The Verge, “there’s no proof it was exploited by malicious actors,” which should put some consumers’ minds at ease. As previously stated, TikTok has released a fix for the flaw, earning kudos from the Microsoft 365 Defender Research Team. According to the blog post, “we congratulate the efficient and professional resolution from the TikTok security team.”
Although the issue was patched, it’s crucial that you use the latest version of TikTok to ensure that you’re running the most secure version of the app.