• Home
  • Mobile
  • A Secret Code That Works Like Keylllogger On TikTok Has Been Discovered

A Secret Code That Works Like Keylllogger On TikTok Has Been Discovered

Felix Krause, a cybersecurity expert who previously worked at companies such as Google and Twitter, announced that he discovered a special code used to track credit cards and passwords in TikTok's in-app browser and urged Apple to take action.
 A Secret Code That Works Like Keylllogger On TikTok Has Been Discovered
READING NOW A Secret Code That Works Like Keylllogger On TikTok Has Been Discovered

China-based social media giant TikTok, on the one hand, sets an example for Instagram and YouTube with its features; On the other hand, concerns about it being a ‘global tracking application’ are increasing. The latest critical findings on these concerns came from iOS developer and cybersecurity expert Felix Krause, who previously made the cover of Forbes magazine in Germany while working at Twitter, so the source is pretty credible.

According to the evidence presented by Krause, the in-app browser that opens when you click on any link in TikTok (like the browser that opens when you click on links on Instagram) has a secret code that records critical information such as credit card and password. So if you see a different website link while browsing on TikTok, it’s not just that you clicked on that link; For example, the information you use while shopping on that link is also recorded.

“Equivalent to keylogger software that monitors every key you press”

“New Post: In-app browser announcement – See which JavaScript commands are embedded in the in-app browser”

“TikTok places a tracking code within the app that can track all keystrokes and taps, including passwords, while opening any website.”

Sharing his allegations and evidence both on his personal blog and on Twitter on August 18, Krause stated in his statement to Business Insider that the code used is “equivalent to a keylogger.” Keylogger software is one of the most rooted cyber tracking software in the IT world and records every key you press on the keyboard and shares it with third parties without even your soul. However, Kreuse kept his claim limited, stating that he “couldn’t find any concrete evidence that TikTok stores or uses this data.”

TikTok has confirmed the existence of such a code, but denied allegations that it was collecting sensitive user information:

A TikTok spokesperson, who made statements on the subject, stated that Krause provided misleading and false information, adding: “The researcher who published the report already admits that with the JavaScript code in question, our application does not mean that it ‘does malicious things’; it says there is no way to determine what kind of data our in-app crawler is collecting. We don’t track which keystrokes or texts users type through this code, which is only used for debugging, troubleshooting and performance monitoring.”

Open call to Apple: Use Safari for in-app browsers

Felix Krause, who said he found TikTok’s tracking code

Apple’s App Transparency Monitoring policy has been informing iPhone users instantly which application is being followed for a long time. However, the in-app browser that opens when using TikTok on iPhones does not belong to Apple. In apps like Instagram, users have the right to choose it, but Apple has given TikTok some leeway here, according to Krause. According to the expert’s statements, Apple’s enforcing the Safari browser in TikTok may be an important step in alleviating concerns.

Editor’s note: The trade war of US and Chinese brands is felt behind all these claims.

Photo: REUTERS @Jason Lee

Kreuse’s comments aren’t the first to fuel concerns about TikTok. In fact, the origin of most of these claims lies in the competition of social media giants representing the USA and China. If you remember, in the past years, the rivalry between Apple and Huawei has turned into a rivalry between China and the USA, serious news has been published in the western media that Huawei is a company that follows the whole world on behalf of the Chinese government, and even sanctions have been imposed on the relatives of senior executives in the USA, who are under pressure from the US government. Google has also withdrawn all its services from Huawei. After a while, Huawei abandoned Android and decided to continue with its own operating system, HarmonyOS.

In fact, investigations on TikTok have similar dynamics to those on Huawei. However, what is different this time is not a smartphone manufacturer of the accused company, but a social media application that spreads much faster because it is free and can be reached in a short time. On top of that, considering the support given by the Chinese government to technology companies and the practices such as the “pointed citizenship” system in China, the developments reported in the western media make more sense. Still, everything that is written and drawn needs more concrete evidence, but unfortunately, no world giant is accustomed to billions of dollars of sanctions and closure penalties by saying ‘this is how we follow you all’.

In the meantime, it should be noted that TikTok has been banned for about 2 years in India, the pilot country of western technology giants, with similar concerns.

Comments
Leave a Comment

Details
262 read
okunma9136
0 comments