For some time it has been established that users can access to buy things on the platform of TikTok, this thanks to a browser that is linked to the different links. And now, some users have detected a somewhat suspicious code within the application, which would detect every movement of the user who is entering data.
The investigator, Felix Kraus, ensures that the app is able to collect any keyboard movements, this through a javascript embed code that got into one of the updates. That means it would detect user activity when entering passwords, but more alarming are credit card numbers and codes.
It was recently confirmed Forbes that the platform does insert code JavaScript , but this is only used to improve the user experience. So for now users can confirm that it is not used in malicious terms, so far no incident of key theft has been confirmed, but it could happen one day.
This does not mean that the people of TikTok use it in your favor, but some hacker can discover the way to enter the data, and therefore spy on all the users who use this internal browser. Therefore, the company should take the corresponding measures, especially with security protocols so that no one can enter.
Via: Krause