Mobile Security Blog | Pradeo

TikTok, a leakware installed on 2 billion mobile devices

Written by Roxane Suau | March 15, 2023

Over the past two weeks, the White House, Canada, the European Union and several countries in Europe have banned the use of the mobile application TikTok by their members and agencies.

TikTok is a Chinese video sharing application that has been installed more than 2 billion times worldwide on Android and iOS. Since 2020, it has been in the news regularly for allegedly spying on its users.

"We should not be naive: TikTok is a Chinese company that is now forced to cooperate with Chinese intelligence services. This is the reality," said Belgian Prime Minister Alexander De Croo.

This news highlights a widespread practice: using mobile applications to collect users' personal data excessively. But beyond TikTok, millions of popular official applications share the same practices.

 

A leakware among many others

The results of our analysis are unequivocal: TikTok collects a lot of personal data that is not necessary for its operation. By definition, this puts TikTok in the category of Leakware, also known as Greyware. The term refers to applications that massively collect their users' data and send it out of their devices. For the first time this year, Gartner included the concept of Leakware in its Market Guide for Mobile Threat Defense.

However, greyware has been a danger to the privacy of its users, and by extension to companies with mobile fleets, since the beginning of the application model. While TikTok is in the news due to public awareness of its intrusive behavior, this alert illustrates the ease with which any mobile application can sneak into our daily lives and know everything about us.

 

What data does TikTok actually collect?

The TikTok application collects the following data and sends it to its servers in the United States and Singapore. It is then accessed by ByteDance Group employees in the following countries: Brazil, Canada, China, Israel, Japan, Malaysia, Philippines, Singapore, South Korea and the United States.

  • Geolocation
  • Identification data: name and first name, email and physical addresses, phone number, age range, date of birth
  • Messages
  • Photos and videos
  • Audio
  • Contact list
  • Web browsing history
  • Device identification information

 

How to neutralize leakware?

The great popularity of TikTok makes its use very difficult to avoid. Information campaigns quickly reach their limits and do not provide reliable prevention. On the other hand, banning the application from a territory would only shift the danger by opening the door to downloads of counterfeit applications, in other words clones that are in most cases injected with malware.

For individuals, we advise always carefully reviewing the permissions requested by all installed applications and refusing those that seem unnecessary. This prevents a large amount of abusive data collection.
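The permission review advised above, as an added example (not from the original article and not Pradeo's product code): it reads a decoded AndroidManifest.xml and groups the requested permissions by the data categories listed earlier, marking those outside the app's stated purpose. The permission-to-category mapping, the sample manifest and the function names are assumptions made for illustration, and a manifest shows only declared permissions, not observed behavior.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Assumed mapping of Android permissions to the data categories listed above.
CATEGORY_BY_PERMISSION = {
    "android.permission.ACCESS_FINE_LOCATION": "Geolocation",
    "android.permission.ACCESS_COARSE_LOCATION": "Geolocation",
    "android.permission.READ_CONTACTS": "Contact list",
    "android.permission.RECORD_AUDIO": "Audio",
    "android.permission.CAMERA": "Photos and videos",
    "android.permission.READ_MEDIA_IMAGES": "Photos and videos",
    "android.permission.READ_MEDIA_VIDEO": "Photos and videos",
    "android.permission.READ_PHONE_STATE": "Device identification information",
    "android.permission.GET_ACCOUNTS": "Identification data",
}

# Constructed manifest for a hypothetical app; not taken from any real APK.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.videoapp">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.RECORD_AUDIO"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission-sdk-23 android:name="android.permission.READ_PHONE_STATE"/>
</manifest>"""

def requested_permissions(manifest_xml):
    """Return the permission names declared in a decoded AndroidManifest.xml."""
    root = ET.fromstring(manifest_xml)  # stdlib parser; use a hardened one for untrusted files
    tags = ("uses-permission", "uses-permission-sdk-23")
    names = {el.get(ANDROID_NS + "name") for tag in tags for el in root.iter(tag)}
    return names - {None}

def review(manifest_xml, needed_categories):
    """Group personal-data permissions by category; needed_categories is the reviewer's judgement."""
    report = {}
    for perm in sorted(requested_permissions(manifest_xml)):
        category = CATEGORY_BY_PERMISSION.get(perm)
        if category is None:
            continue  # not mapped to a personal-data category
        verdict = "expected" if category in needed_categories else "refuse"
        report.setdefault((category, verdict), []).append(perm)
    return report

if __name__ == "__main__":
    result = review(SAMPLE_MANIFEST, {"Photos and videos", "Audio"})
    for (category, verdict), perms in result.items():
        print(f"{verdict:8} {category}: {', '.join(perms)}")
```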

For organizations, implementing a Mobile Threat Defense solution is the only way to neutralize the risks associated with leakware applications. However, not all of them detect this specific threat. Pradeo's solution, thanks to its engine specialized in the analysis of mobile applications, ensures reliable detection of the proven behaviors of all applications, whether or not they are declared by the companies that own them. Thus, there are no surprises: if an application collects data that is sensitive for the company's activity (contacts, location, ...), it is automatically blocked according to predefined rules.

Pradeo's solution is used worldwide by governments and private companies. To get a demonstration and a free trial, fill in this form.