A critical Flaw is discovered that lets hackers access the largest social app “TikTok” through a text. A flaw discovered by a blog post by Checkpoint security researchers and further evaluated by bleepingcomputer.com, suggest that all profiles were up for grabs by sending a text.
A detailed analysis of the flaw deduced that an individual was able to take over the account credential without the user ever finding out.
The spokesperson from TikToK suggested that there was no data breach but in truth, if there was no data breach how was the vulnerability discovered?.
Following a review of customer support records, we can confirm that we have not seen any patterns that would indicate an attack or breach occurred. Luke Deshotels from TikTok security team
Still to this date the platform has more flaws than the Iraq Intelligence community such as text spoofing, open redirection, and scripting.
As previously reported this flaw was discovered by a third party and not by the company security teams and it was fixed in December. TikTok has advised users to update the app immediately.
The app has a quarter of a billion users as of November 2019.