Software company Microsoft announced that they have found a major vulnerability in the TikTok application for Android. Microsoft researchers do research not only on their systems but also on other platforms. In this context, the company’s researchers also found a big gap in the Android application for TikTok.
Vulnerability in TikTok Android app could lead to one-click account hijacking
It is reported that through this vulnerability, hackers can take over accounts with just one click of a link. The pleasing side of the process is that the gap has been completely closed by TikTok. At the same time, Microsoft states that they do not have any information about the active use of this vulnerability.
TikTok’s application-opening connection infrastructure is said to be behind this vulnerability. To protect from this vulnerability, it is necessary to bring TikTok‘s Android application to the latest version. Microsoft states that TikTok responds very quickly to close the gap and congratulates the company on this issue.
TikTok had come up with another security issue before that. After the analysis made by Felix Krause, it was revealed last week that the integrated internet browser within the Facebook and Instagram applications could follow the web activities of people in detail. As far as shared, both applications do not use the browser that Apple provides for third-party applications.
Companies use a special WebKit-based browser they developed. It can scan all activities on websites entered through the JavaScript code called “Meta Pixel”. Meta can see where you touch, which link you open, which texts you select, when you click on ads, passwords you enter, addresses, credit card numbers, and more on a website opened through the browser within the Facebook and Instagram applications.
It is unknown how much data the company has collected on this subject, and it cannot be proven by Felix Krause. Krause also later found that this process was not limited to just Facebook and Instagram. As it is said, the built-in internet browser used in TikTok, the most popular social media at the moment, also can track. According to Krause, every button pressed and every touch gesture can be recorded in this browser.
{{user}} {{datetime}}
{{text}}