Microsoft experts have issued an alert on a security hole in the popular Tik Tok app that might have allowed hackers to hijack people’s accounts. According to the British publication The Sun, they highlighted a mistake in the programme on the Android system in their post. However, a critical problem known as CVE-2022-28799 has been addressed, and there is no indication that attackers leveraged it to breach accounts.
The hackers could have entered the accounts with a single click if they had exploited the software hole. A malicious link might have been sent through email or other online messaging platforms. If the receiver clicks, their account will be immediately hacked. Scammers can then post private videos, send messages, and upload videos on the victims’ behalf. According to Microsoft, the vulnerability enabled for the application’s deep link verification to be bypassed.
Microsoft’s 365 Defender Research team discovered the flaw and submitted it to TikTok. Tik Tok later corrected the issue, emphasising that there was no proof that the flaw was abused by nefarious actors.
Microsoft warned TikTok users not to open on links delivered from an unfamiliar email address or phone number. If you are unsure who sent you anything, it is advisable to take a moment to ensure its safety.
If you feel you have received a harmful link or file, alert the sender and delete the message immediately. Users should also keep their smartphones and applications up to date with the newest software.
Tik Tok has been compromised in terms of security, and Microsoft has issued a warning to users.
About Author
