TikTok Scrambling After Source Code Leaks — Hacker Calls Platform “Legitimate Spyware”

Photo Credit: Solen Feyissa

TikTok is using DMCA takedown requests to remove a source code leak online.

A coder has reverse-engineered the TikTok Android app, showcasing how it works. The coder says TikTok is a data collection engine rather than a social network and calls it “legitimate spyware.” It’s the same reason the app came under fire at the end of 2019 and throughout 2020.

Many U.S. government agencies banned TikTok on government devices. It started with the Navy before expanding to the Army and then members of Congress over the summer. These privacy concerns ultimately culminated in the President banning TikTok through executive order.

The U.S. court system prevented the Commerce Department from enforcing that ban. But concerns about privacy in TikTok have since been renewed. Now, a reverse engineer named ‘augustgl’ on GitHub has brought those concerns to the forefront.

“This project is a bit different from my other projects. TikTok is a data collection engine disguised as a social media platform. It’s legitimate spyware, so I thought I would reverse engineer the Android application,” the GitHub repo read before it was removed.

The coder exposed just how much data collection TikTok does. The app includes dedicated location tracking, phone call collection, screenshots saved to the phone, all information about WiFi networks, and even some facial recognition technology. The repository was only up for a few days before TikTok got wind and started sending DMCA takedowns to GitHub to remove the source code leak.

“I am legal counsel to TikTok Inc., owner of the copyright that is the subject matter of this notification, and am authorized to act on the owner’s behalf,” the DMCA takedown notice begins.

“The original copyrighted work is source code for the TikTok Android app. GitHub user augustgl appears to claim to have reverse-engineered the app. He posted the code to the following GitHub repository.”

The request also mentions 19 other repositories that had forked the original code. TikTok then targeted five more repositories that uploaded the code after the initial sweep.

TikTok is continuing its aggressive action to keep the source code leak off of GitHub.

The original coder who uploaded the source code has not said anything since. TorrentFreak attempted to contact him but has not heard anything back. TikTok remains a national security concern for the U.S. government, even throughout the administration change.

Joe Biden has expressed some security concerns around the app but has not committed to continuing the Trump administration’s crusade against Chinese apps.

5 Responses

  1. Nerdelbaum Frink

    They’re doing what every other social media company is doing. All social media is spyware.

  3. Rabbi Shlomo Bin Rubenstein the 3rd

    That hacker deserves a medal of freedom. Those Chinese communist slime balls are collecting our screenshots? Go figure.

    • Nocturne

      Instagram/Facebook and nearly every other social media out there is collecting screenshots the moment you grant app permission (and you have to do it to use the app).

      I don't care about TikTok but you have to realize that apps that seem trustworthy are doing exactly the same…

  4. Uncle ROy

    They really need some blockchain coupled with a little bitcoin. Fixed