Flaw in TikTok app let hackers control accounts with a text message, they can also add or delete videos and to extract personal information.
China’s popular video sharing app TikTok had “multiple” security vulnerabilities, according to a new report.
Cybersecurity firm Check Point said it found flaws that could allow hackers to take control of TikTok accounts and manipulate the content, upload and delete videos and reveal personal information such as a private email address.
But attackers could create a fake text message that appeared to be from TikTok, but actually contained a malicious link. Once users clicked on the link, hackers could take control of the account.
There was also a vulnerability in a TikTok web domain which allowed attackers to insert a malicious code. This was used to retrieve personal information of users.
Check Point said it disclosed the findings to TikTok and they have been patched.