Lately, the Chinese application TikTok is at the center of discussions. Earlier this week there were reports that claimed the app had incorporated a new feature that facilitates creation deepfake video. According to a new report, TikTok is now found with "multiple" vulnerabilities security.
The vulnerabilities were discovered by the company security Check Point. According to researchers, vulnerabilities could allow malicious hakcers take control of TikTok accounts and handle their content by uploading or deleting videos and exposing their personal information users.
The revelation of vulnerabilities will bring a new wave criticism against enforcement, especially by their politicians USA, who have stressed many times that TikTok (owned by the company) ByteDance), is a threat to the security of the country.
The researchers Check Point found that hackers can send one fake text message on the victim's cellphone, which is supposed to come from the TikTok application. On the application site, there is a feature that allows users send a text message to themselves so they can download the app.
But the attackers could create a false message malicious link and send it to the victims. Once users open the link, the hackers acquire access and take control of the account.
In addition to this, researchers discovered another vulnerability in a TikTok web domain that allows malicious code to be inserted. The code allowed it theft personal information of users.
Check Point said it informed application managers about the existence of vulnerabilities and they released patches to correct them.
"TikTok is committed to protecting users' data. "Like many other organizations, we encourage security researchers to reveal zero day vulnerabilities to us privately," said a TikTok spokesman. “Prior to publication, CheckPoint confirmed that all of the above issues had been fixed in the latest version of our application. We hope that this successful solution will encourage our future collaboration with security researchers. "
However, the update is not going to alleviate US concerns that consider TikTok national threatening, since they believe the app sends user data to the Chinese government.