Hacking Group AgainstTheWest Claims to Have Leaked User Data and Source Code.
On Friday, September 2, 2022, information emerged on a hacking forum about a data breach that affected TikTok and WeChat social networks. Representatives of TikTok denied firmly the allegation of stolen data.
The claim was made by AgainstTheWest, a hacking group that posted screenshots of the database which supposedly was extracted from the two companies.
An Alibaba cloud instance was pointed to contain a huge 790GB database with 2.05 billion records. The extracted information contains, but doesn’t limit to: user data, platform statistics, software code, cookies, auth tokens, and server info.
Who is AgainstTheWest (ATW)?
AgainstTheWest seems to be a gang of six hackers, active since October 2021, that started a crusade against organizations that they perceive hostile to the West.
“Don’t let the name confuse you, ATW targets countries they perceive to be a threat to western society, currently they are targeting China and Russia and have plans to target North Korea, Belarus and Iran in the future”, according to CyberKnow.
WeChat and TikTok are indeed both Chinese firms, but they belong to different owners: WeChat is owned by Tencent, and TikTok by ByteDance. This leads us to the idea that the common database that has been posted may be created by a third actor, and was not directly breached on the two platforms.
“The two companies are constantly in the spotlight of privacy investigations by national services, so finding such a rich cloud instance containing both companies’ data is raising suspicions.”source
Was There a Data Breach or Not?
TikTok was the one who responded to the information about the data breach and called all the allegations false, indicating the source code posted by hackers as not part of the social network platform.
“This is an incorrect claim — our security team investigated this statement and determined that the code in question is completely unrelated to TikTok’s backend source code, which has never been merged with WeChat data.” – TikTok told BleepingComputer.
The social network experts argue furthermore that they implemented appropriate security precautions to stop automated scripts from accumulating user information.
Independent parties like Troy Hunt and Bob Diachenko have their opinions also.
Bob Diachenko, a database hunter, validated the leaked database as being legit, but could not confirm the breach as he could not trace the origin of the data.
Troy Hunt, the creator of the HaveIBeenPwned data breach notification service, confirmed in a Twitter thread that some of the data were valid. However, Hunt could not find anything that is not publicly available in TikTok, thus proving an internal systems breach.source
The case is still to unfold but if the stolen data prove to be real, TikTok will have to work to reduce the effects of the leak even if it was not caused by a data breach.
This event comes in a period in which the social network platform has been in the public eye for issues of data privacy and security.
Stay informed of the latest Cybersecurity trends, threats and developments. Sign up for our Weekly Cybersecurity Newsletter Today.
Remember, CyberSecurity Starts With You!
- Globally, 30,000 websites are hacked daily.
- 64% of companies worldwide have experienced at least one form of a cyber attack.
- There were 20M breached records in March 2021.
- In 2020, ransomware cases grew by 150%.
- Email is responsible for around 94% of all malware.
- Every 39 seconds, there is a new attack somewhere on the web.
- An average of around 24,000 malicious mobile apps are blocked daily on the internet.
- Android puzzle game with over one million downloads reveals user information - 3 December 2022
- Nvidia patches 29 GPU driver bugs that could lead to code execution, device takeover - 2 December 2022
- Online disclosure of 5+ million Twitter users’ stolen information - 30 November 2022