TikTok vulnerability could have let hackers access users’ videos
Illustration by Alex Castro / The Verge
Cybersecurity research firm Check Point Research says it found “multiple vulnerabilities” within video sharing app TikTok that demonstrated its insecurity as scrutiny for the Chinese-owned company continues to grow.
Check Point found that it was possible to spoof text messages to make them appear to come from TikTok. Once a user clicked the fake link, a hacker would have been able to access parts of their TikTok account, including uploading and deleting videos and changing settings on existing videos from public to private.
Check Point also found that TikTok’s infrastructure would have allowed a hacker to redirect a hacked user to a malicious website that looked like TikTok’s homepage. This could have been combined with cross-site…