{"id":646,"date":"2022-09-02T11:46:32","date_gmt":"2022-09-02T11:46:32","guid":{"rendered":"https:\/\/cybersecuritynest.com\/?p=646"},"modified":"2022-09-02T11:46:32","modified_gmt":"2022-09-02T11:46:32","slug":"hacking-a-tiktok-account-with-just-a-single-click-on-android-revealed-by-microsoft","status":"publish","type":"post","link":"https:\/\/cybersecuritynest.com\/?p=646","title":{"rendered":"Hacking a Tiktok account with just a single click on Android, revealed by Microsoft."},"content":{"rendered":"<p>Microsoft on Wednesday disclosed details of a &#8220;high severity vulnerability&#8221; in TikTok for Android that could allow attackers to take control of accounts if a victim clicks on a malicious URL.<\/p>\n<p>&#8220;Attackers may have leveraged the vulnerability in order to hijack an account, without users&#8217; awareness, if a targeted person simply clicked a specially crafted hyperlink,&#8221; Dimitrios Valsamaras from the Microsoft 365 Defender Research Team <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2022\/08\/31\/vulnerability-in-tiktok-android-app-could-lead-to-one-click-account-hijacking\/\">stated<\/a> in a write-up.<\/p>\n<p>The flaw could have been exploited to modify users&#8217; TikTok profiles and other sensitive information, which in turn could have allowed attackers to expose private videos without the owner&#8217;s consent. The bug could also have been used to send and upload videos on users&#8217; behalf.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-648\" src=\"https:\/\/cybersecuritynest.com\/wp-content\/uploads\/2022\/09\/Figure-5.-An-example-of-adding-an-intent-filter-in-the-apps-manifest-for-deep-linking.-300x201.png\" alt=\"Figure 5. An example of adding an intent filter in the app's manifest for deep linking.\" width=\"300\" height=\"201\" srcset=\"https:\/\/cybersecuritynest.com\/wp-content\/uploads\/2022\/09\/Figure-5.-An-example-of-adding-an-intent-filter-in-the-apps-manifest-for-deep-linking.-300x201.png 300w, https:\/\/cybersecuritynest.com\/wp-content\/uploads\/2022\/09\/Figure-5.-An-example-of-adding-an-intent-filter-in-the-apps-manifest-for-deep-linking.-768x515.png 768w, https:\/\/cybersecuritynest.com\/wp-content\/uploads\/2022\/09\/Figure-5.-An-example-of-adding-an-intent-filter-in-the-apps-manifest-for-deep-linking..png 960w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>The issue, addressed in version 23.7.3, impacts two flavors of the Android app: com.ss.android.ugc.trill (for users in East and Southeast Asia) and com.zhiliaoapp.musically (for users in other countries, except India, where the app is banned). Combined, the two apps have more than 1.5 million installs.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-649\" src=\"https:\/\/cybersecuritynest.com\/wp-content\/uploads\/2022\/09\/android-300x188.jpg\" alt=\"\" width=\"300\" height=\"188\" srcset=\"https:\/\/cybersecuritynest.com\/wp-content\/uploads\/2022\/09\/android-300x188.jpg 300w, https:\/\/cybersecuritynest.com\/wp-content\/uploads\/2022\/09\/android.jpg 728w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>The vulnerability was identified as <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-28799\">CVE-2022-28799<\/a> (CVSS score: 8.8). It is related to the way the app handles deeplinks: special hyperlinks that open a specific resource in another app on the device rather than sending the user to a website.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-650\" src=\"https:\/\/cybersecuritynest.com\/wp-content\/uploads\/2022\/09\/Figure-7.-Identifying-deeplinks-and-their-targeted-activities-using-Medusa-300x147.png\" alt=\"Figure 7. Identifying deeplinks and their targeted activities using Medusa.\" width=\"300\" height=\"147\" srcset=\"https:\/\/cybersecuritynest.com\/wp-content\/uploads\/2022\/09\/Figure-7.-Identifying-deeplinks-and-their-targeted-activities-using-Medusa-300x147.png 300w, https:\/\/cybersecuritynest.com\/wp-content\/uploads\/2022\/09\/Figure-7.-Identifying-deeplinks-and-their-targeted-activities-using-Medusa-768x376.png 768w, https:\/\/cybersecuritynest.com\/wp-content\/uploads\/2022\/09\/Figure-7.-Identifying-deeplinks-and-their-targeted-activities-using-Medusa.png 960w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>&#8220;A crafted URL (unvalidated deeplink) can force the com.zhiliaoapp.musically WebView to load an arbitrary website,&#8221; according to an advisory for the flaw. This could allow an attacker to leverage an attached JavaScript interface to achieve the takeover in a single click.<\/p>\n<p>Simply put, the flaw allows bypassing the app&#8217;s restrictions that reject untrusted hosts, so that any website the attacker chooses can be loaded through Android System WebView, the component used to display web content inside other applications.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-651\" src=\"https:\/\/cybersecuritynest.com\/wp-content\/uploads\/2022\/09\/hacking-300x278.jpg\" alt=\"\" width=\"300\" height=\"278\" srcset=\"https:\/\/cybersecuritynest.com\/wp-content\/uploads\/2022\/09\/hacking-300x278.jpg 300w, https:\/\/cybersecuritynest.com\/wp-content\/uploads\/2022\/09\/hacking.jpg 728w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>&#8220;The filtering happens on the server side and the decision to load a URL or reject it is based upon the response received from a specific HTTP GET request,&#8221; Valsamaras explained. Static analysis also indicated that &#8220;it is possible to bypass this server-side check by adding 2 additional parameters to deeplink.&#8221;<\/p>\n<p>The exploit, which was designed to hijack the WebView and load rogue sites, could give the adversary access to over 70 TikTok endpoints, compromising the integrity of a user&#8217;s profile. The bug is not known to have been exploited in the wild.<\/p>\n<p>Microsoft noted that JavaScript interfaces pose significant risks: a compromised JavaScript interface could allow attackers to execute code with the application&#8217;s ID and privileges.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft disclosed Wednesday details about a &#8220;high severity vulnerability&#8221; in TikTok for Android. 
This vulnerability could allow attackers to take control of accounts if victims click on a malicious URL. &#8220;Attackers may have leveraged the vulnerability in order to hijack an account, without users&#8217; awareness if a targeted person simply clicked a specially crafted hyperlink,&#8221; [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":647,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":"","_links_to":"","_links_to_target":""},"categories":[13,10],"tags":[162],"class_list":["post-646","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-mobile","category-vul-mal","tag-twitter"],"aioseo_notices":[],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=\/wp\/v2\/posts\/646"}],"collection":[{"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=646"}],"version-history":[{"count":2,"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=\/wp\/v2\/posts\/646\/revisions"}],"predecessor-version":[{"id":653,"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=\/wp\/v2\/posts\/646\/revisions\/653"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=\/wp\/v2\/media\/647"}],"wp:attachment":[{"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=646"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=646"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=646"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}