TikTok Hack: 2B Records Leak — but ByteDance Denies

TikTok was hacked, with over two billion records stolen. Or so says notorious leak group BlueHornet (a/k/a AgainstTheWest, AggressiveCurl). But TikTok says not.

The group is known for its attacks against companies and governments in places they see as being “against the West”—notably China, Russia, North Korea and Iran. But this leak pushed Twitter and one underground hacker forum too far, with both banning the group’s accounts.

What’s really going on? In today’s SB Blogwatch, we sort fiction from fact.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Tung-Tung metal.

For You Plague

What’s the craic? Bill Toulas reports—“TikTok denies security breach after hackers leak user data, source code”:

TikTok will be forced to take action
On Friday, a hacking group known as ‘AgainstTheWest’ created a topic on a hacking forum claiming to have breached both TikTok and WeChat. The user shared screenshots of an alleged database belonging to the companies, which they say was accessed on an Alibaba cloud instance. … The threat actor says this server holds 2.05 billion records in a massive 790GB database.

TikTok denies being hacked. … If further analysis reveals that the data is legitimate, TikTok will be forced to take action to mitigate the leak’s effects even if it wasn’t breached.

ByteDance in denial? Emma Roth swims Egyptian rivers—“TikTok denies reports that it’s been hacked”:

No evidence
In response to these allegations, TikTok said its team “found no evidence of a security breach. … We have confirmed that the data samples in question are all publicly accessible and are not due to any compromise of TikTok systems, networks, or databases. … We do not believe users need to take any proactive actions, and we remain committed to the safety and security of our global community,” TikTok spokesperson Maureen Shanahan said.

Who disagrees? BeeHive CyberSecurity sounds slightly suspicious:

TikTok breach must be being covered up
TikTok has reportedly suffered a data breach, and if true there may be fallout from it in the coming days. We recommend you change your TikTok password and enable Two-Factor Authentication.

We’ve reviewed a sample of the extracted data. … Breach is #Confirmed. … A security team has claimed responsibility: … Researcher Credit @AggressiveCurl [aka ATW].

ATW was just suspended from Twitter and we aren’t quite sure why. … In our experience personally ATW has been reputable. … Find it oddly suspicious. … The TikTok breach must be being covered up.

Coverup? Pass the tinfoil, my head feels naked. Here’s Troy Hunt:

The thread on the hacking forum with the samples of alleged TikTok data has been deleted and the user banned for “lying about data breaches.” … I think it’s increasingly likely there was no breach of TikTok.

So who is this AgainstTheWest/BlueHornet group, anyway? They’re rock-solid, according to u/Rocksolidbubbles:

Blue hornet are not script kiddies. They’re a serious pro-West persistent threat group that goes after Chinese, Russian, North Korean and [other] anti-West targets.

Okay, if not from TikTok, from where? Bob Diachenko—@MayhemDayOne—suggests an alternative:

TikTok breach is real. Our team analyzed publicly exposed repos to confirm partial users data leak. Data is likely to come from Hangzhou Julun Network Technology Co., Ltd—rather than TikTok.

Still, two billion records? coofercat growls:

If it turns out someone did steal 2bn user records, then [TikTok’s] reputation … will go even lower. There’s something seriously wrong with your architecture and processes if someone can exfiltrate that amount of data. There should have been so many layers of protection against this.

Of course, none of this matters to ‘da kids’ who just want to get a veneer of fame for a couple of minutes. They won’t be uninstalling unless the app gets removed from the app stores — and even then, I’ll bet a load of them will look to side-load it.

Potential PII aside, is there anything interesting to geeks? It’s the algorithm, stupid, thinks otherme123:

The most praised thing in TikTok is how they tailor videos to each user. While Insta or Facebook rely on virality, TikTok is able to show you videos barely liked and shared, and you somehow like them.

After five years in LinkedIn saying the plain truth, they still don’t get me at all. … They just keep my feed filled with the most “interacted” content.

Meanwhile, how could this happen? u/Makani_Kai has a suspicion:

I’ve seen many instances of software companies storing private keys in source code repositories. … Yes, it is well known you shouldn’t do this. Yes, people still do it, because it’s the path of least resistance. Usually a “we’ll get to it later, let’s just deploy this quickly” situation.

And Finally:

André can’t get enough of the Nooran Sisters



You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites … so you don’t have to. Hate mail may be directed to @RiCHi or [email protected]. Ask your doctor before reading. Your mileage may vary. E&OE. 30.

Image sauce: Eyestetix Studio (via Unsplash; leveled and cropped)

Richi Jennings

Richi Jennings is a foolish independent industry analyst, editor, and content strategist. A former developer and marketer, he’s also written or edited for Computerworld, Microsoft, Cisco, Micro Focus, HashiCorp, Ferris Research, Osterman Research, Orthogonal Thinking, Native Trust, Elgan Media, Petri, Cyren, Agari, Webroot, HP, HPE, NetApp on Forbes and CIO.com. Bizarrely, his ridiculous work has even won awards from the American Society of Business Publication Editors, ABM/Jesse H. Neal, and B2B Magazine.
