TikTok users beware: Hackers could swap your videos with their own
Mobile app developers Tommy Mysk and Talal Haj Bakry just published a blog article entitled “TikTok vulnerability enables hackers to show users fake videos“.
As far as we can see, they’re right.
(We replicated their results with a slightly older Android version of TikTok from a few days ago, 15.5.44; their tests included the very latest builds on Android and iOS, numbered 15.7.4 and 15.5.6 respectively.)
We used a similar approach to Mysk and Haj Bakry to look at the network traffic produced by TikTok – we installed the
tPacketCapture app on Android and then ran the TikTok app for a while to flip through a few popular videos.
Posted on April 17, 2020