The AgainstTheWest (aka BlueHornet) group claims to have acquired a huge 790 GB dump after successfully hacking TikTok and WeChat. Allegedly, the hackers managed to steal user data, platform statistics, source codes, cookies, authentication tokens, server information and much more. TikTok claims that the hack claims are false.
The hackers boasted that they hacked into TikTok and WeChat (allegedly finding information in the Alibaba cloud) late last week. They shared screenshots of a stolen database allegedly owned by companies. According to the attackers, in total they managed to get access to 2.05 billion records and a huge database with a total volume of 790 GB.
“Who would have thought that TikTok is storing all of its internal backend source code in Alibaba Cloud using a questionable password,” the hackers wrote.
At the same time, information security researchers note that the name of the group can be misleading. Although the name AgainstTheWest literally translates as “Against the West”, and it seems that the group is targeting Western countries, in fact, the attackers claim that they, on the contrary, only attack countries and companies that are hostile to Western interests.
TikTok has been contacted by Bleeping Computer and the company said the hack claims are false.
“These statements are not true. Our security team has reviewed these claims and determined that the source code in question is not related in any way to the source code of the TikTok backend, which, moreover, has never merged its data with WeChat, ”the company says.
TikTok also said that the leak of user data could not be the result of a direct platform hack, as TikTok has security measures in place to prevent automatic collection of user information.
WeChat has yet to respond to inquiries from journalists.
It must be said that this potential leak caused many questions and doubts among security experts. X Although WeChat and TikTok are Chinese companies, the former is owned by Tencent and the latter by ByteDance. That is, the common database that hackers write about is already quite strange, and it is unlikely that the platforms themselves have been hacked. Most likely, the insecure database was collected by a third-party data scraper or broker, which combined the public data of both services and collected them into a single database.
Well-known information security expert, founder of the HaveIBeenPwned leak aggregator, Troy Hunt, came to approximately these conclusions. On Twitter, he writes that he studied the leak, and some of the data actually turned out to be valid. However, Hunt was never able to find anything other than public TikTok data.
Similar conclusions were drawn by another information security expert and bughunter, Bob Diachenko. He also confirms the authenticity of the leaked user data, but cannot say anything specific about their origin. Dyachenko is inclined to the version that the database was leaked by some third party, suspecting Hangzhou Julun Network Technology Co., Ltd.