Teenagers are frenzy of tik Tok app and just love to spend time on it . It has gained a lot of users traction last couple of years and is considered among top apps on app stores

Unfortunately Vulerabilities found in Tiki’s Tok could have proven disastrous to the app company and its reputation

This vulnerability let attackers manipulate the content posted on it and extract personal sensitive data out of it

This vulnerability is found by checkpoint cyber security researchers and are considering it serious flaw . This company based in Israel just discovered it ontime before it could have been exploited . Possibly Its past exploitation could have been there . Who knows about this Zero day vulnerability ?



Officials from the company said “The vulnerabilities found were all core to TikTok’s systems”

Company had reported these flaws to TIKTOK on Nov 20 2019 and then afterwards TIKTOK started working on it

About the Flaw :

Hacker could take full control of Tiktok accounts just by sending malicious links to users and making users to click on them . Account access here means full access to videos and private videos .

Coincidently there was another flaw on tiktok’s website through which hackers can extract personal information of user accounts . It was buy one get one offer ;) just kidding

Anyways this is serious news and especially when it is in Chinese app . Why ? Because recently we have seen very suspected behaviour of various Chinese apps including these news recently



“US military banned tik Tok”

“Samsung smarphones having innbuild Chinese spyware”

The vulnerabilities thus discovered has given invitation to lawsuits and lawmakers are busy in making files against the company .

Interstingly tiki’s Tok has 1.5 billion downloads , can’t say how much lawsuits they can handle . Some months tiktok performed better than Facebook , Instagram , youtube and snapchat from downloads metrics point of view .

Finally Tiktok company took serious note of the security company and conducted patching of vulnerabilities in December with a final statement from the company “TIKTOK is committed to protecting user data “ said LUKE Deshotels.

Tiktok denied any claim of data breach and its parent company Bytedance said we are looking for successful collaboration with security researchers in future