Urgent Alert sent to millions of Android users – act now or it could cost you
ANDROID phone owners who use TikTok are being warned about a cyber security gap that means their accounts may have been hacked.
TikTok admitted that the vulnerability meant hackers could bypass the two-step verification process using brute force.
The flaw, which also affected online users, allowed hackers to bypass authentication without special tools or tricks.
Fraudsters can instead use brute force, repeatedly logging in over and over again until the two-factor authentication page is skipped and TikTok lets them into the account.
“A vulnerability was found where a random timeout issue on a two-step verification endpoint could have resulted in a potential authentication bypass if multiple incorrect attempts were entered in quick succession,” TikTok said.
“It was found that this vulnerability required access to the user’s email/password or phone number/code associated with the account and would require multiple bruteforcing attempts to bypass.”
The issue was uncovered by cybersecurity researchers at HackerOne.
The team first reported the bug to TikTok last October, before it was fixed in mid-December 2022.
The error is no longer active.
But researchers have advised TikTok users to update their passwords in case a hacker could access their details while the gap was open.
TikTok, owned by one of the largest technology companies in China known as ByteDance, has quickly become one of the most popular social media apps in the world.
The app exploded in user numbers during the Covid-19 pandemic and after the death of the beloved short video sharing app Vine – becoming the most downloaded app in 2021, technology research company Apptopia found.
Almost 14.5 million Android users are on the app every day, according to the latest figures from the analysis organization Statista in 2021.
While TikTok has 30.8 million daily active users who use the app through Apple iPhone’s iOS system.
Best Phone and Gadget Tips and Hacks
Looking for tips and hacks for your phone? Want to find the secret features of social media apps? We’ve got you covered…
Get all the latest stories about WhatsApp, Instagram, Facebook and other tech gadgets here.
We pay for your stories! Got a story for The Sun Online Tech & Science team? Email us at [email protected]