Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label cyberstalking. Show all posts

TikTok Tracked UK Journalist via her Cat's Account

Cristina Criddle, a technology correspondent for the Financial Times, received a call from TikTok two days before Christmas, informing her that four employees (two in China and two in the US) had successfully accessed user data from her personal account without her knowledge or consent. Cristina found this experience "chilling," "horrible," and personally violating. 

While She received the information she was at her family home with her teenage sister and cousins, all avid TikTok users who were concerned by the news. Despite TikTok and its parent company, ByteDance, consistently denying such occurrences, Cristina decided to speak with BBC News. 

During the summer, TikTok's internal audit department tracked Cristina's IP address and matched it with the IP data of some staff members to identify who was meeting with the press in secret. TikTok acknowledged that this action was unauthorized and an abuse of authority. 

Cristina is unsure about the duration and frequency of the tracking, but she knows her location was monitored around the clock, even in her personal life. For instance, when she was with friends or on vacation. Cristina feels that it is not acceptable to monitor her activities, whether work-related or not. 

"I was at my family home with my teenage sister, teenage cousins - and they all use TikTok all of the time. They were like, 'Whoa, should we be worried?” said Cristina. 

Cristina believes that the breach may have violated the European Union's stringent General Data Protection Regulation, which requires users to actively consent to how their data is used. Companies can face significant fines for failing to comply with the regulation. 

Despite the breach, Cristina still needs to use TikTok for her work, so she has kept her account open. However, she now keeps the app on a dummy device at work. Additionally, she has reduced her and her dog Buffy's social media use on other platforms due to the incident. 

According to cyber-security expert Prof Alan Woodward from Surrey University, the level of tracking performed on Cristina's account was not accidental or incidental. It required additional effort to identify her account, which is concerning. There are worries that ByteDance, which is based in Beijing but has offices in Europe and the US, could share user data with the Chinese state if required. 

Despite these concerns, TikTok remains extremely popular, with over 3.5 billion downloads globally. However, the app faces challenges in the US and is not readily available on official devices in some other countries.

Free Smartphone Stalkerware Detection Tool Gets Dedicated Hub

Kaspersky, Russian multinational cybersecurity and anti-virus provider has come up with a new information hub for their open-source stalkerware detection tool named TinyCheck which was created in 2019 to help people detect if their devices are being monitored. 

‘Stalkerware’ is software programs, apps, and devices – that enables people to secretly monitor others' private life via their devices. The term came into existence when people started using commercial spyware to monitor their spouses or intimate partners. 

Stalkerware has been criticized because of its use by attackers, abusers, stalkers, and employers. With the use of Stalkware abusers can remotely get access to victims’ devices including web searches, locations, photos, text messages, voice calls, and much more. Such programs are easy to buy and install, hence it leads to more cyber risks for the public. 

These tools exploit vulnerabilities in the security of modern mobile operating systems. These programs run hidden in the background, without the consent of the victim. Kaspersky's TinyCheck is a program that can identify activity associated with stalkerware in a non-invasive way by running on an external device (Raspberry Pi) and monitoring its outgoing traffic via WiFi. 

How TinyCheck Work? 

TinyCheck scans a device’s outgoing traffic, using a regular Wi-Fi connection, and identifies interactions with known sources, such as stalkerware-related servers, it can be used to check any device and on any platform, including iOS, Android, or any other OS.

Also, users don’t have to install it on their devices because it works separately (on a Raspberry Pi) to avoid being detected by a stalker. Additionally, TinyCheck is available for everyone, it does not charge a fee. 

It is a safe and open-source tool that can be used by NGOs and police units to help support victims of cyberstalking. At present many NGOs use this program, however, it should be noted that this program is not recommended for independent individual use. The organization recommended users get in touch with a local support institution before starting the scan to get advice and support if stalkerware is running on their devices.