If you visit TikTok regularly, we highly recommend updating the app. Indeed, the latest work from cybersecurity firm Imperva gives goosebumps. According to experts, a major security breach allowed hackers to steal large amounts of personal data in the simplest possible way. They even had to send a special message to their target via the web version of the app.
More specifically, it was necessary to go through the PostMessage API, which made it possible to override the security measures integrated by TikTok. In this way, the messaging system analyzes the message in question without identifying the infiltrating threat. Once the victim has taken the bait, all hackers have to do is make the deal. According to Imperva, this method gave them access to a lot of confidential sensitive data.
TikTok users are victims of a serious security breach
Imperva researchers explain that hackers collect a lot of confidential information about their victims’ accounts, such as videos watched, time spent on each video, and various other data from their profiles. However, other types of data were also stolen, such as the type of device used, the operating system, and searches made in the app.
In other words, all this data can be used by hackers to impersonate the targeted person and from there to commit a series of crimes. Spread of scam, blackmail, we’re passing and it’s the best. If this has not been done yet, we strongly recommend that you download the latest TikTok update that fixes this vulnerability.
Source : imperva
