TikTok Flaw Allows Threat Actors To Plant Forged Videos In User Feeds

By   ISBuzz Team
Writer , Information Security Buzz | Apr 16, 2020 05:11 am PST

ThreatPost has reported that a security weakness in the popular TikTok video-sharing service allows a local attacker to hijack any video content streamed to a user’s TikTok feed and swap it out with hacker-generated content.

Subscribe
Notify of
guest
1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Tim Erlin
Tim Erlin , VP of Product Management and Strategy
April 16, 2020 1:13 pm

This type of attack represents a different kind of privilege escalation. Masquerading as an authoritative identity in order to feed false information into someone’s feed could be used for all kinds of malicious intents.

We often ask that users be diligent about evaluating the sources of information they receive from social media, but diligence isn’t helpful when an attacker can simply impersonate an authoritative source.

Last edited 3 years ago by Tim Erlin

Recent Posts

1
0
Would love your thoughts, please comment.x
()
x