A difficult moment for the TikTok app. In recent days the platform has denied being the victim of a cyberattack that would have given outsiders access to its source code and user data. Last Friday, on a hacking forum, the group “AgainstTheWest” claimed responsibility for an attack on TikTok and WeChat. To back up the claim, the group shared screenshots of an alleged database belonging to the companies, said to have been accessed on an Alibaba cloud instance. The Chinese social media platform has firmly rejected that evidence. So let’s see what really happened.
TikTok: App denies attack by hacker group “AgainstTheWest”
Bleeping Computer recently reported on the problem the TikTok app is facing. The hacker group “AgainstTheWest” claims to have gained access to data on a server used by TikTok. The server reportedly holds a 790GB database containing 2.05 billion records, said to include user data, platform statistics, software code, cookies, authentication tokens and much more. But who are the cybercriminals behind the claimed attack? “Don’t be confused by the name, ATW targets countries they perceive as a threat to Western society. They are currently targeting China and Russia, and have plans to target North Korea, Belarus and Iran in the future,” explains cyber security researcher CyberKnow.
And now comes the craziest part of this story. TikTok has publicly denied having been hacked. “This is an incorrect claim: our security team investigated this claim and determined that the code in question is not fully related to TikTok’s backend source code, which was never merged with WeChat data,” the platform said. Furthermore, the company stated that the leaked user data could not have come from direct scraping of the platform. “We have confirmed that the data samples in question are all publicly accessible and are not due to any compromise of TikTok’s systems, networks or databases,” clarified a spokesperson. “We don’t believe users need to take any proactive action and remain committed to the safety and security of our global community.”
There is another clarification to make here. While WeChat and TikTok are both Chinese companies, they are not owned by the same parent company. Seeing data from both in a single database therefore indicates that the attack did not directly affect each platform. Most likely, a third-party scraper or data broker created the unsecured database, collecting public data from both services and storing it in one place. Nevertheless, Troy Hunt, the creator of the HaveIBeenPwned data breach notification service, stated that some of the data leaked on the hacking forum was valid, although he was unable to find concrete evidence to support his thesis. So did the “database hunter” Bob Diachenko.
This is so far pretty inconclusive; some data matches production info, albeit publicly accessible info. Some data is junk, but it could be non-production or test data. It’s a bit of a mixed bag so far.
— Troy Hunt (@troyhunt) September 5, 2022
The question, therefore, is very complex. If further analysis reveals that the data is legitimate, TikTok will need to take action to mitigate the effects of the leak, even though there has been no real cyberattack. Bleeping Computer has asked the company for comment on more than one occasion, without receiving any response. We therefore look forward to understanding what will happen in the coming days.