TikTok Hack: 2B Records Leak – but ByteDance Denies


TikTok was hacked and over two billion records were stolen. At least that’s what the notorious leak group BlueHornet (a/k/a AgainstTheWest, AggressiveCurl) says. But TikTok says no.

The group is known for its attacks against businesses and governments in places they see as “anti-West” — notably in China, Russia, North Korea and Iran. But this leak has pushed Twitter and an underground hacking forum too far, as both have banned the group’s accounts.


What’s really going on? In today’s SB Blogwatch we separate fiction from fact.

Your humble blog watcher has curated these blog posts for your entertainment. Not to forget: Tung-Tung Metal.

Plague for you

What is the craic? Bill Toulas reports… “TikTok denies security breach after hackers leaked user credentials and source code”:

TikTok will be forced to take action
On Friday, a hacking group called “AgainstTheWest” created a topic on a hacking forum claiming to have violated both TikTok and WeChat. The user shared screenshots of an alleged database of the companies, which was allegedly accessed through an Alibaba cloud instance. … The threat actor says that this server holds 2.05 billion records in a massive 790GB database.

TikTok denies being hacked. … If further analysis reveals the data to be legitimate, TikTok will be forced to take action to mitigate the impact of the leak, even if it wasn’t breached.

ByteDance in denial? Emma Roth swims in Egyptian rivers… “TikTok denies reports it was hacked”:

No proof
In response to these allegations, TikTok said its team “found no evidence of a security breach. … We have confirmed that the data samples in question are all in the public domain and are not the result of any compromise of TikTok systems, networks or databases. … We don’t believe users need to take proactive measures, and we remain committed to the safety of our global community,” said Maureen Shanahan, spokeswoman for TikTok.

Who disagrees? BeeHive cyber security sounds a bit suspicious:

The TikTok breach needs to be covered up
TikTok has reportedly suffered a data breach, and if true, there could be repercussions in the coming days. We recommend you change your TikTok password and enable two-factor authentication.

We checked a sample of the extracted data. … Violation is #confirmed. … A security team has claimed responsibility: … Researcher Credit @AggressiveCurl [aka ATW].

ATW just got banned from Twitter and we’re not exactly sure why. … In our personal experience, ATW was serious. … find it oddly suspicious. … The TikTok breach needs to be covered up.

Cover up? Pass the tin foil, my head feels bare. Here is Troy Hunt:

Hacking forum thread with samples of alleged TikTok data deleted and user banned for “lying about privacy breaches”. … I think it’s becoming more and more likely that TikTok wasn’t hurt.

Who is this AgainstTheWest/BlueHornet group anyway? They’re rock solid, according to u/Rocksolidbubbles:

Blue Hornet are not script kiddies. They are a serious pro-Western persistent threat group that targets the Chinese, Russians, North Koreans and others [other] Aims towards the west.

Okay, if not from TikTok, where from? Bob Diachenko (@MayhemDayOne) proposes an alternative:

The TikTok breach is real. Our team analyzed publicly available repos to confirm a partial user data leak. The data likely comes from Hangzhou Julun Network Technology Co., Ltd – and not TikTok.

Still, two billion records? coofercat growls:

If it turns out someone stole 2 billion user records, then [TikTok’s] Reputation…will continue to fall. There is something seriously wrong with your architecture and processes if someone can exfiltrate that amount of data. There should have been so many layers of protection against that.

Of course none of this matters to ‘da kids’ who just want a smear of fame for a few minutes. They won’t be uninstalled unless the app is removed from the app stores — and even then, I bet a lot of them will try to sideload it.

Potential PII aside, is there anything interesting for geeks? It’s the algorithm, fool, thinks other123:

The most praised thing about TikTok is how they tailor videos to each user. While Insta or Facebook focus on virality, TikTok is able to show you videos that are hardly liked and shared and that you somehow like.

After five years at LinkedIn telling the plain truth, they still don’t understand me at all. … They just keep my feed filled with the most “interacted” content.

How could that happen? u/Makani_Kai has a suspicion:

I’ve seen many cases of software companies storing private keys in source code repositories. … Yes, as is well known, one should not do that. Yes, people still do it because it’s the path of least resistance. Usually a “we’ll get to that later, let’s deploy this quickly” situation.

And finally:

André can’t get enough of the Nooran Sisters


You have been reading SB Blogwatch by Richi Jennings. Richi curates the best blog articles, best forums and craziest websites… so you don’t have to. Hate mail can be sent to @RiCHi or [email protected]. Consult your doctor before reading. Your mileage may vary. E&OE. 30

Image sauce: Eyestetix Studio (via Unsplash; leveled and cropped)

