Threat Guidances
iOS
Android
Vulnerability
January 1, 2020

Tiktok

Lookout and Recommendation for Admins

TikTok has been banned by India, the US military, and the Australian Defence Force as of July 1st, 2020. Considering the widespread security concerns of the app and its parent company, Lookout Admins should blocklist the app. Lookout enables admins to run risk analyses of any iOS or Android app with our App Analysis tool. Admins will receive a report breaking down all app components, including IP addresses by country used by the app. Armed with this information, Lookout Admins make highly informed decisions about what apps they want to blacklist.

Overview

In January 2020, two US military organizations banned TikTok because of communication with servers in China and Russia. Then, in June 2020, India decided to ban TikTok from the iOS and Google Play stores citing activities “prejudicial to the sovereignty and integrity of India.” Just a week later in July, the US Secretary of State announced that the United States was looking into a similar ban over security concerns of the app and the activities of its parent company ByteDance.

All of this comes on the heels of two reports. The first from an independent researcher who managed to reverse engineer the app and classified it as “a data collection service that is thinly veiled as a social media app” in a highly publicized findings report. The other is an ongoing project by the Australian Strategic Policy Institute (ASPI), which evaluates the “reach” of China’s largest technology companies and implicates ByteDance in surveillance work with the Xinjiang Internet Police

Lookout Analysis

Lookout conducted in-depth analysis of the app with its Mobile App Risk Analysis tool to make sure there wasn’t any greater danger to TikTok users. We concluded that the servers themselves didn’t execute malicious activity, which would have been a signal of direct nefarious activity. However, it’s impossible to tell what is being done with data sent over those servers and who has access to users’ information. Between January and July, it was notable that the number of IP addresses the iOS app connected to in China was reduced from 119 to 11, but increased from 0 to 5 for the Android app.

Lookout classified the following behaviors by TikTok apps as having elevated risk exposure:

  • Monitors location changes
  • Authorized to access camera
  • Accesses the clipboard
  • Accesses the clipboard
  • Executes commands in separate processes
  • Uses common RNG seed (Android)

Authors

Lookout

Cloud & Endpoint Security

Lookout, Inc. is the data-centric cloud security company that uses a defense-in-depth strategy to address the different stages of a modern cybersecurity attack. Data is at the core of every organization, and our approach to cybersecurity is designed to protect that data within today’s evolving threat landscape no matter where or how it moves.

Entry Type
Threat Guidances
Platform(s) Affected
iOS
Platform(s) Affected
Android
Threat Type
Vulnerability
Platform(s) Affected
Threat Guidances
iOS
Android
Vulnerability

Related Content

Four Chrome Zero Days

Google recently disclosed eight new mobile vulnerabilities in Chrome including four zero-days

Read Threat Article

BancaMarStealer

A customizable Malware-as-a-Service banking trojan delivered through any app with messaging capabilities.

Read Threat Article

Lookout Discovers Android Spyware Tied to Iranian Police Targeting Minorities: BouldSpy

Researchers at the Lookout Threat Lab have discovered a new Android surveillance tied to the Law Enforcement Command of the Islamic Republic of Iran (FARAJA).

Read Threat Article

Stop Cyberattacks Before They Start With Industry-Leading Threat Intelligence.

Schedule Demo
HeaderHeaderHeaderHeader
CellCellCellCell
CellCellCellCell
CellCellCellCell
CellCellCellCell