TikTok Finally Fixes Major Bug That Caused Accounts to Be Taken Over

Social media is a place where we interact with the world, and the thought of your account being compromised in any way, shape or form would probably be your worst nightmare and for good reason. No matter how many precautions social media platforms end up taking, something or the other might just slip through the cracks. This would create a vulnerability that could potentially be exploited by a variety of malicious actors all of whom would be working quite hard to ensure that they can gain illicit access to your account.

A major vulnerability was recently exposed in TikTok, the fastest growing social media platform in the world that has created a revolution in the world of social media in general. This vulnerability was discovered by a German bug hunter by the name of Muhammed Taskiran, and it’s the sort of thing that could cause a lot of problems both for TikTok’s users as well as for the company itself.

The vulnerability in question made it so that a malicious actor could potentially gain access to your account if you happen to be logging into TikTok using some kind of a third party login app. The API endpoint for TikTok’s log in form can be intercepted, and a malicious actor can use this to change the password of a particular account.

As a result of the fact that this is the case, the user of this account would no longer be able to access it. They wouldn’t even be able to change the password since the person that now has access to their account would be able to change everything about it and lock the user that owns it out completely.

This is a huge issue for TikTok since it means that users can’t feel safe on their platform. The good news is that TikTok has now fixed this vulnerability after the bug bounty hunter exposed it. It is important to note that problems like this can sometimes occur so that you can factor such situations into any kind of decisions you make with regards to account log ins and the like.



Read next: TikTok has begun showing analytics for live streams

No comments:

Post a Comment