Security researchers Tommy Mysk and Talal Haj Bakry discovered a vulnerability in TikTok that could allow malicious users to post videos on behalf of others. In fact, they were able to publish videos on several popular accounts on TikTok, including the official World Health Organization account. Can you imagine the danger of a video with the wrong guidance appearing on the WHO profile?
Flaw in TikTok allows videos to be published on your behalf!
The problem is that this social network uses the unencrypted HTTP protocol instead of HTTPS, which is known to be more secure. For this reason, owners of public Wi-Fi networks, Internet providers and government services can access the browsing history of any user on this social network.
Due to the use of the HTTP protocol, this social network is exposed to attacks by criminals. Researchers who discovered the flaws easily managed to alter content and replace users' real videos with fake ones. Then they posted a video with false information on the verified WHO account.
The developers did not replace the videos on the TikTok server, but only on their home network. This means that only users connected to that router will see the changes. However, the researchers believe the vulnerability can be exploited on a larger scale if hackers are able to take over a normal DNS server.
In early 2020, Check Point discovered a vulnerability that allowed criminals to manage other people's accounts on TikTok. After that, Mysk and Bakry's team encountered a security issue that gave access to the clipboard on the iPhone.
Unfortunately, the use of HTTP to transfer sensitive data has not yet disappeared. As demonstrated, HTTP opens the door to server access and data manipulation.
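One way to check an app's captured traffic for the exposure described above, as an added example that is not from the researchers or from TikTok: it groups cleartext requests by host and marks the video and image fetches that someone on the network path could replace. The hostnames, paths and the capture format are constructed placeholders.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample: (URL, Content-Type) pairs as exported from a proxy
# capture of a mobile app. Hostnames are placeholders, not real endpoints.
SAMPLE_CAPTURE = [
    ("https://api.app.example/v1/feed", "application/json"),
    ("http://cdn1.app.example/video/abc123.mp4", "video/mp4"),
    ("http://cdn1.app.example/avatar/u42.jpeg", "image/jpeg"),
    ("https://cdn2.app.example/video/def456.mp4", "video/mp4"),
    ("HTTP://cdn3.app.example/thumb/7.webp", "image/webp"),
    ("http://cdn3.app.example/config.json", "application/json; charset=utf-8"),
]

# Content types the app renders directly, so a swapped response is shown to the user.
RENDERED_TYPES = ("video/", "image/")


def audit_cleartext(capture):
    """Group cleartext (http://) requests by host.

    Every cleartext request exposes what was fetched to the network path;
    rendered media fetched this way can also be replaced in transit.
    """
    findings = defaultdict(lambda: {"exposed": [], "replaceable": []})
    for url, content_type in capture:
        parts = urlsplit(url)  # scheme and hostname come back lower-cased
        if parts.scheme != "http":
            continue  # TLS protects both confidentiality and integrity
        host = parts.hostname
        findings[host]["exposed"].append(parts.path)
        media_type = content_type.split(";")[0].strip().lower()
        if media_type.startswith(RENDERED_TYPES):
            findings[host]["replaceable"].append(parts.path)
    return dict(findings)


if __name__ == "__main__":
    for host, f in sorted(audit_cleartext(SAMPLE_CAPTURE).items()):
        print(f"{host}: {len(f['exposed'])} cleartext, "
              f"{len(f['replaceable'])} replaceable media")
```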
We now have to wait for TikTok to do something to resolve this security breach and thus effectively guarantee the security of all users of the platform.
Founder of Leak, he debuted online in 1999 when he created CDRW.co.pt. He took his first steps into the world of technology with the Spectrum 48K and never left computers. He is addicted to mobile phones, tablets and gadgets.