A ‘high severity’ TikTok vulnerability allowed one-click account hijacking

Nick Barclay / The Verge

A vulnerability in the TikTok app for Android could have let attackers take over any account that clicked on a malicious link, potentially affecting hundreds of millions of users of the platform.

Details of the one-click exploit were revealed today in a blog post from researchers on Microsoft’s 365 Defender Research Team. The vulnerability was disclosed to TikTok by Microsoft, and has since been patched.

The bug and its resulting attack, labelled a “high severity vulnerability,” could have been used to hijack the account of any TikTok user on Android without their knowledge, once they clicked on a specially crafted link. After the link was clicked, the attacker would have access to all primary functions of the account, including the...

Continue reading…



source https://www.theverge.com/2022/8/31/23329662/tiktok-vulnerability-microsoft-one-click-exploit-high-severity

Comments

Popular posts from this blog

In a world first, China lands a spacecraft gently on the Moon’s far side

Snap suspends two anonymous messaging apps after cyberbullying lawsuit