TikTok Denies Cyber Attack: Did It Really Happen?

Summary Of The Attack

  • Popular short-form social video platform TikTok denied reports that it had been compromised by a hacking group that claimed to have gained access to an insecure cloud server.
  • A hacker organization called “AgainstTheWest” posted a discussion on a forum claiming that this server contains 2.05 billion records in a vast 790GB database containing user data, platform statistics, software code, cookies, auth tokens, server info, and more.
  • Microsoft Corporation revealed on August 31 that it had discovered a high-severity vulnerability in TikTok’s Android application that could have been used by attackers to quickly compromise user accounts.
  • Users of the TikTok video platform are advised to update their passwords and enable two-factor authentication.

What Happened?

Popular short-form social video platform TikTok denied reports that it had been compromised by the hacking group AgainstTheWest after the group claimed to have gained access to an insecure cloud server. TikTok also said that the source code posted on hacking forums isn’t part of its platform.

What Was The Impact?

The denial comes in response to suspected hacking reports that appeared on the breach forums message board on the 3rd of September. The threat actor claimed that the server holds 2.05 billion records in a massive 790GB database.

TikTok also mentioned that the leaked user data could not have resulted from direct scraping of its platform, as it has adequate security safeguards to prevent automated scripts from collecting user information.

How This Attack Happened

On the 3rd of September, a hacking group known as “AgainstTheWest” created a topic on a hacking forum claiming to have breached both TikTok and WeChat.

The user shared images of what they claim to be screenshots of a database used by the companies, accessed on an Alibaba cloud instance, containing data for both TikTok and WeChat users.

The threat actor claims that this server contains 2.05 billion records in a vast 790GB database containing user data, platform statistics, software code, cookies, auth tokens, server info, and more.

WeChat and TikTok are both Chinese companies; however, they are not owned by the same parent company.

WeChat is owned by Tencent, while TikTok is owned by ByteDance. Thus, the fact that they were both found in the same database suggests that there was not a direct breach of each platform.

Most likely, the unprotected database belongs to a third-party data scraper or broker who scraped publicly available data from both services and exported it into a single database.

Additionally, some security researchers verified the authenticity of the user data that was exposed, but they were unable to draw any firm conclusions regarding the data’s origin.

Personnel from TikTok confirmed that the data samples described are all publicly available and are not the result of any breach of TikTok systems, networks, or databases.

Microsoft Reveals Vulnerability

Microsoft revealed on August 31 that it had discovered a high-severity vulnerability in TikTok’s Android application that could have been used by attackers to quickly compromise user accounts.

The vulnerability discovered by Microsoft is a more specific problem that may have affected Android-powered mobile devices and placed millions of accounts at risk.
In February 2022, Microsoft informed TikTok of the issue, and less than a month later, the vulnerability was addressed.

TikTok’s Android app is available in two flavors: com.ss.android.ugc.trill for East and Southeast Asia, and com.zhiliaoapp.musically for the rest of the world.

Microsoft conducted a vulnerability study on the TikTok Android app and found that the issues affected both versions of the app, which have over 1.5 billion installations through the Google Play Store.

As part of its responsible disclosure policy, a Microsoft security researcher informed TikTok of the flaws in February 2022 via Coordinated Vulnerability Disclosure (CVD) through Microsoft Security Vulnerability Research (MSVR).

Was TikTok Breached?

Even though TikTok has strongly denied a breach, the data in the database may have originated from other sources. If further analysis reveals that the data is legitimate, TikTok will be required to take action to mitigate the leak’s effects even if its systems weren’t penetrated.

How Can You Protect Yourself?

Users of the TikTok video platform are advised to update their passwords and enable two-factor authentication.

Article by

Jason Firch, MBA
Jason is a proven marketing leader, veteran IT operations manager, and cybersecurity expert with over a decade of experience. He is the founder and CEO of PurpleSec.