By Marco Vazquez, Rubica
“Delete TikTok now,” tweeted Anonymous on July 1, 2020. It was right after TikTok was found to be secretly reading the contents of iOS users’ clipboards. If TikTok is active on your or your customers phones, the app can basically read everything you copy on another device: passwords, work documents, sensitive emails, and financial information.
Even Anonymous hates TikTok
It’s unusual, though, for a hacktivist group to be taking a public position on usage of a social media app. And even the person who led the TikTok reverse engineering team said “TBH if you have TikTok just get rid of it.”
So, what kind of vulnerabilities would ignite a group of activists and engineers against TikTok, and why should you care as a business or an MSP? As the fourth-most downloaded iPhone app in 2019, TikTok’s easy video production and upload function keeps pulling new users in—and the people who use it keep using it a lot. And when 3 in 4 users mix work and personal use on a single device, TikTok is almost certainly punching holes in your customers’ security.