When you’re an employee at TikTok/ByteDance, you have to use an app called Lark. It’s a proprietary app that’s kind of like a combination of slack, outlook, etc. Through a private Blind Chat, we recently discovered that the android version has a Trojan Horse Malware. Thought people should know. TikTok/ByteDance rarely provides company phones. 95-99% of employees use their personal phones for work. This malware is on employee’s personal phones if they have android.
I am no security expert but looks like it has permission to do whatever it wants on your Android device
That’s exactly what it is
May be they should change app name to Lurk from Lark 😆
Is this app only installed on company phone/devices ? Then they have the right to monitor those devices. Every company does this.
No. We don’t have company phones. We use our personal devices.
Ooh then that is fucked up. I would never allow any company to install a app on my personal phone. Definitely concerning. They could be tracking all your private activities as well. If someone REs the APK and can prove they are doing something fishy they are in for a huge lawsuit.
Most trading places have employees download something which can technically control your phone. Citadel does it as well
Did you find any suspicious activities or package / library for "Trojan Horse Malware"? Are you just concerned about the app permissions?
No, he did not. Clearly a drama major.
I should have known… Is this only for android? Any vulnerability in ios?
Android only.
Every company controls the phone the moment you install Outlook and Teams. It's a protection mechanism. I think you are worrying too much..
ByteDance having the ability to have complete control over our personal phones and then them obfuscating it is, indeed, worrisome. It is next to mandatory that we have these apps downloaded on our phones.
You have a choice not to install.. but if you want to install it, the company needs to monitor it. To protect its information..
Nothing to worry here. CCP will patch it
WTF. I am already paranoid about having anything on my phone... can't imagine having to deal with this :/ I guess the only solution would be to get a 2nd phone that you only use for work (which sucks big time since you'd have to buy it yourself)
Tech Industry
Yesterday
682
Database companies that pay well for Staff SWE
India
4h
520
What do vegetarian Indians eat for protein?
Tech Industry
Yesterday
332
Should Amazon buy TikTok?
Ask Blinders
Yesterday
866
Why is our country owned by Israel? I don't want my tax dollars fund genocide. How can we stop this nonsense?
Tech Industry
Yesterday
477
Bitcoin is the only possible future
Honestly this seems like a big deal and I’ve been having a panic attack since I found out. This company is cruel to its workers. If you’re here to say anything stupid about “well you work for the CCP” please understand that most of us who work in the US are just chasing a paycheck like 99% of American workers.
Im thinking this post will be taken down because hurr durr HR bots