Hack denied: TikTok insists flaw has been patched
TikTok, the musical video app with one billion mostly young users, has been called out for a serious security flaw that could leave users vulnerable to hackers.
The flaw would allow attackers to send a malicious link to a victim that will redirect to a malicious website, according to Check Point, a long-established global IT security firm.
The company informed TikTok of the security flaw, which TikTok now said it had fixed with security patches.
"During our research, we found that it is possible to send a SMS message to any phone number on behalf of TikTok," said Check Point of the security flaw.
Please log in or register with Independent.ie for free access to this article.
"In the course of our research, we found that it is possible to send a malicious link to a victim that will result in redirecting the victim to a malicious website." However, the company said it could not find any proof yet of TikTik user accounts being breached or attacked through the flaw.
TikTok is particularly popular with teenagers and children, who use it to record short videos of themselves, often miming the lyrics to popular songs.
The service is owned by the Chinese company ByteDance. It has courted controversy in recent months with accusations of censorship over Hong Kong protests against a Chinese security crackdown.
The move comes as the mainstream web browser Mozilla Firefox admitted it suffered a security flaw that let hackers take control of user computers. Mozilla said it was "aware of targeted attacks in the wild abusing this flaw" and that it had released a new version of Firefox that fixes the problem.