Saturday, December 2, 2023

Is Patched Out TikTok Exploit Still a Threat to User Accounts?

Microsoft researchers stated that the ‘one-click’ potential threat which was revealed to TikTok, back in February, has been patched out.

According to Microsoft 365 Defender researcher, the Android TikTok version has a serious vulnerability that could allow hackers to take full control of the user’s account. Back in February, the researchers had revealed the exploit to TikTok, through a reporting page.

Furthermore, TikTok released an update within a month, saying that the issue was fixed. However, neither researchers nor the company could predict for how long the fraud was there.

- Advertisement -

The severity of the Exploit

Malicious persons can simply get account access via a special link. Once they enter the system’s JavaScript they can change any of the user settings or information. Any hacker can misuse this access to send inappropriate messages to strangers or friends, can upload videos, or even turn private videos public. No one can predict the malicious intentions but the most obvious consequences are the user’s sensitive information like emails, passwords, and other private information. According to Researchers vulnerability was “high severity”.

Is Patched Out TikTok Exploit Still a Threat to User Accounts

But when it comes to the exploit’s ‘high severity’ impact on users, then TikTok is not revealing any statement. However, according to researchers, the exploit was present in the East Asia version as well as the other TikTok version of the app. Consequently, all 1.5 billion people who had downloaded the app were susceptible to the exploit.

Due to the unsecured JavaScript interface, the researchers especially emphasize being cautious of the danger. They add “we recommend that the developer community be aware of the risks and take extra precautions to secure WebView.” Moreover, another researcher found TikTok’s JavaScript, which is a potential danger. As it could record all the inputs by the user from the in-app browser of the application. But Controversially, TikTok denied the fact and stated that this code was there for troubleshooting and debugging purposes.

- Advertisement -
Palak Sharma
Palak Sharma
I am Palak, born and brought up in Himachal Pradesh. An introvert by nature who loves writing more than speaking. I do it often to express myself, to entrain myself, and to feel meaningful. While enjoying this world of words I ended up being part of a published anthology 'Blooming skies' with my poem 'On the day of devastation'. I love this concept of written words living on a paper till the end of time, they give me a sense eternity.

Related Articles

Stay Connected

- Advertisement -spot_img

Latest Articles