TikTok has come under fire recently for shady data collection practices – now Anonymous hackers are weighing in.
A few weeks ago, we reported that a new version of iOS exposed that TikTok was accessing mobile clipboards every few keystrokes. A TikTok representative said the action was intended as an anti-spam measure, but there are far more effective ways to block spam.
Now, hackers from the Anonymous collective are warning TikTok’s data collection is far more egregious than you think. The short-form video aspect of TikTok is the honey in the honeypot.
“Delete TikTok now;” the Twitter account linked to Anonymous advises. “If you know someone that is using it, explain to them it is essentially malware operated by the Chinese government running a massive spying operation.” The tweet also contains screenshots of a Reddit thread that further breakdown TikTok’s data collection activities.
So, what data does TikTok collect, and why is Anonymous worried?
Reverse engineering of the TikTok app reveals how much data you unknowingly give away.
- Phone hardware
- Other apps installed
- Everything network-related (IP, local IP, router MAC, your MAC, WiFi access point name)
- Rooted or jail-broken phone
- GPS pinging enabled once every 30 seconds
- TikTok sets up a local proxy server for transcoding media (easily exploitable)
So why is this bad? Giving away that much information is like giving away your digital footprint. If the Chinese government decides to target you, everything TikTok collects can pinpoint you in your home.
“bUt AlL sOcIaL mEdIa cOmPaNiEs, cOlLeCt dAta!” you screech at the screen. That’s true, but not all social media companies collect data this egregiously. A common tactic that offensive cybercriminals use is to compromise devices of those near the target. All it takes is a U.S. serviceman’s kid playing around on TikTok to reveal a highly secret base location to foreign operatives.
Anonymous also made headlines recently after threatening the Minneapolis Police Department. The group promised it would “expose the many crimes” of Minneapolis Police unless officers were held accountable for the murder of George Floyd.
The United States government is suspicious of TikTok’s data collection capabilities, too.
The government has launched an investigation into censorship practices on the platform. The U.S. Army and Navy have both banned the app from government devices. Congress is even considering a bill to do the same, though nothing official has been passed.
Meanwhile, TikTok is banned in India along with 58 other Chinese apps as tensions between the countries heat up. Will the United States soon issue a ban of its own?