TikTok Flaw Allows Threat Actors To Plant Forged Videos In User Feeds

ThreatPost has reported that a security weakness in the popular TikTok video-sharing service allows a local attacker to hijack any video content streamed to a user’s TikTok feed and swap it out with hacker-generated content.

Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Tim Erlin
Tim Erlin , VP of Product Management and Strategy
InfoSec Expert
April 16, 2020 1:13 pm

This type of attack represents a different kind of privilege escalation. Masquerading as an authoritative identity in order to feed false information into someone’s feed could be used for all kinds of malicious intents.

We often ask that users be diligent about evaluating the sources of information they receive from social media, but diligence isn’t helpful when an attacker can simply impersonate an authoritative source.

Last edited 2 years ago by Tim Erlin
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x