TikTok has denied having its systems breached as claimed by the hacking group BlueHornet, also known as AgainstTheWest, according to The Hacker News.
BlueHornet has reported in a Breach Forums message board on Saturday that it was able to compromise the social video service's Alibaba Cloud instance, enabling it to access a 790GB database with 2.05 billion records. However, TikTok confirmed that all of the data posted by BlueHornet were already publicly available and not exposed due to a breach of its systems.
"The samples also appear to contain data from one or more third-party sources not affiliated with TikTok. We do not believe users need to take any proactive actions, and we remain committed to the safety and security of our global community," said a TikTok spokesperson.
Security Discovery Threat Intelligence Researcher Bob Diachenko also noted that while there was a breach, it seems that the data's source was Hangzhou Julun Network Technology Co., Ltd and not TikTok.
BlueHornet's Twitter account has already been suspended after failing to mention that the data leaked was not from TikTok.
As part of its latest attacks discovered in June, Tropic Tropper exploited several known Microsoft Exchange Server and Adobe ColdFusion vulnerabilities to distribute an updated China Chopper web shell on a server hosting the Umbraco open-source content management system.
More than 50 Alibaba-hosted command-and-control servers have been leveraged to facilitate the distribution of the backdoor, which impersonates the Java, bash, sshd, SQLite, and edr-agent utilities.
Angola and the Democratic Republic of Congo, which is a new Intellexa client, may have leveraged new Predator infrastructure to enable spyware staging and exploitation, according to an analysis from Recorded Future's Insikt Group.