Interested in security? Follow along for content within Cybersecurity
TikTok has become one of the most popular and used social media platforms. It is an application that allows users to share and watch videos, between fifteen seconds to three minutes, from people you follow (like celebrities, your friends and family members). Unfortunately, since it is a popular application, it has become an easy target for hackers. This article will talk about five common TikTok vulnerabilities and how to protect yourself against them.
TikTok Hacks and Vulnerabilities:
- Cross-Site Scripting (XSS)
- Phishing Emails
- Remote Keyloggers
- Zero-Day Vulnerabilities
- Weak Passwords
1. Cross-Site Scripting (XSS)
In 2020, Security researcher, Muhammed Taskiran, found a vulnerability related “to a URL parameter on the tiktok.com domain which was not properly sanitized” (zdnet). While he was fuzzing the platform, he found that “this issue could be exploited to achieve reflected cross-site scripting, potentially leading to the execution of malicious code in a user’s browser session”.
So what does this mean for the TikTok user? Well, if attackers have successfully executed malicious code (i.e. scripts) into a user’s browser session, then the user’s session has been hijacked and the attacker can do whatever they want! They can redirect the user to malicious websites, record the user’s online activity, or even download malicious files onto the user’s system and hack their device.
How to Protect Against XSS Attacks
To protect and prevent an XSS attack from occurring, you should use data sanitization across the tiktok.com domain to make sure that only appropriate variables are inserted.
2. Phishing Emails
Phishing emails are an easy way for hackers to hack TikTok accounts. The hacker can send fake emails to users making it seem like it is from TikTok. The content of the emails could state, for example, that your account has been…
Continue reading: https://hackernoon.com/how-to-hack-tiktok-accounts-5-common-vulnerabilities-3a8337k2?source=rss