According to Check Point’s report discovered severe security weaknesses in the popular video-sharing app TikTok during an assessment.
According to the New York Times, the business informed TikTok of the vulnerabilities on November 20, and by December 15, the company had rectified all of them, but the earlier presence of the weaknesses might buttress concerns that TikTok may endanger America's national security.
Check Point's newly published study on the security holes claims that the company's investigators were able to access TikTok accounts and then change their content, adding new videos, deleting old ones, and even making private movies public.
Check Point's team was also able to transmit harmful URLs to users in messages that appeared to be from TikTok, as well as access users' private account information, including their email addresses.
Check Point confirmed in its research that TikTok had patched all of the vulnerabilities discovered by its team. Meanwhile, the leader of TikTok's security team, Luke Deshotels, told the New York Times that there was "no evidence" that anybody had exploited the security weaknesses while they were active.
Nonetheless, TikTok's meteoric rise and links to China parent firm ByteDance headquartered in Beijing meant the app was already under intensive investigation by the US authorities.
According to Reuters, a US security council has initiated a national security examination of ByteDance. The Army said the same month that it was undertaking a security audit of the app and informed cadets that they could no longer feature in TikTok videos while in uniform.
In December, the Navy openly banned the app the next day, declaring it a "cybersecurity danger," and the Army followed suit on December 30.
"It is considered a cyber threat," said Army spokesman Robin Ochoa at the time. "It is not permitted on government phones."
Remember, all of these precautionary bans and warnings from US government agencies occurred before any TikTok security problems were publicly discovered.
We now know for certain that the program does feature exploitable security holes, and TikTok's claims that it has rectified the disclosed bugs are unlikely to assuage the US government's concerns about the popular app.
