Video app TikTok contains major security flaws: Study

Chinese-owned video-sharing app TikTok, which has faced increased scrutiny from the U.S. government, has major security flaws, according to a study published Wednesday.

The study by cybersecurity company Check Point Research found that the fourth-most downloaded app in 2019 had "multiple vulnerabilities," and was released the same day TikTok announced a number of significant updates to its community guidelines.

The "vulnerabilities" discovered within the app allowed bad actors to send messages to users with links that installed malware onto users' devices, allowing attackers to get a hold of their accounts, delete videos, upload unauthorized videos, view private videos and reveal private personal user information like email addresses, according to the study.

TikTok told FOX Business in a statement that the issues have been resolved.

“TikTok is committed to protecting user data. Like many organizations, we encourage responsible security researchers to privately disclose zero-day vulnerabilities to us," TikTok security team member Luke Deshotels said.

"Before public disclosure, Check Point agreed that all reported issues were patched in the latest version of our app. We hope that this successful resolution will encourage future collaboration with security researchers," he added. "Following a review of customer support records, we can confirm that we have not seen any patterns that would indicate an attack or breach occurred.“

TikTok also announced a ban on "misleading content" Wednesday, according to its latest community guidelines update.

"We remove misinformation that could cause harm to an individual's health or wider public safety. We also remove content distributed by disinformation campaigns,'' the guidelines read.

The update comes after the U.S. government launched a national security investigation into the app's owner, ByteDance Technology, in November over concerns that the social media company censors politically sensitive content.

An October report by The Guardian outlined how TikTok censors videos that mention Tiananmen Square, Tibetan independence or the banned religious group Falun Gong, as well as how the app tries to advance Chinese foreign policy aims.


A TikTok spokesperson told FOX Business the company was unable to comment on ongoing regulatory matters.

"TikTok has made clear that we have no higher priority than earning the trust of users and regulators in the U.S.," the spokesperson said. "Part of that effort includes working with Congress and we are committed to doing so."


TikTok also came under fire in October when The Wall Street Journal reported that ISIS members were posting propaganda videos to the app in an effort to influence young people.

"The rhyme, beat, evocative lyrics and punchy delivery are especially appealing to youth," Elisabeth Kendall, an Oxford University expert on extremism, told the Journal. "This catchy sing-along method for propagating ISIS ideology means it spreads quickly and sticks in the collective memory. It tends to be far more effective than sermons or theological debate and treatises."

TikTok aims to prevent that kind of content going forward, according to its new guidelines.

"We do not allow dangerous individuals or organizations to use our platform to promote terrorism, crime, or other types of behavior that could cause harm. When there is a credible threat to public safety, we handle the issue by banning the account and cooperating with relevant legal authorities," the guidelines state.

And in the latest of a string of events over the course of 2019 that highlighted issues with TikTok, the U.S. Navy banned the app in December highlighting security risks.

"This decision was made based on cybersecurity threat assessments," CDR Dave Benham, director of public affairs for the U.S. Fleet Cyber Command and U.S. 10th Fleet, said in a statement to FOX Business at the time, adding that the move "is consistent with 10th Fleet efforts to proactively address existing and emerging threats in defense of our networks."


FOX Business' Megan Henney contributed to this report.