Uploads, deletions, private-to-public switcharoos, all bad stuff
TikTok, a mobile video app popular with teens, was vulnerable to SMS spoofing attacks that could have led to the extraction of private information, according to infosec researchers.
The app is used mainly by the youth of today to share and save short videos of themselves and friends, often set to a popular music track, with an optional array of visual and sound effects - a la Snapchat. Research from Israeli outfit Check Point found that an attacker could send a spoofed SMS message to a user containing a malicious link.
If the user clicked that malicious link, the attacker could access the user's TikTok account and, so Check Point said, manipulate its content by deleting videos, uploading new videos and making private or "hidden" videos public.
Check Point told ByteDance, TikTok's developer, of ..
Support the originator by clicking the read the rest link below.
