Need help identifying if this is a fake TikTok app or not.

DeletedUser88

Created a new profile to install TikTok (Lite version specifically) and installed this app (that I believe to be a fake app). Here is a link to its Play Store page.

The official TikTok Lite app is this one.

There are a few red flags that stood out to me:

Different screenshots used in the description page
Size of app (118mb) is larger than both the official TikTok app (116mb) and the official TikTok Lite app (11mb).
Very different app description.
Package names are different. The app I installed has this package name: "com.ss.android.ugc.tiktok.lite" While the official TikTok app has "com.zhiliaoapp.musically." and the official TikTok Lite app has "com.zhiliaoapp.musically.go"
App has 10M downloads while the official apps have 1B+.
Slightly different UI from official TikTok apps.
App is labelled "TikTok-Lite" when installed while the official TikTok Lite app does not have the dash.
App has an off-centre and smaller icon when installed compared to official app.

However, this app is published by the same developer as the official apps. This developer being "TikTok Pte. Ltd." When I try to view this developer's apps, the app I installed does not show up, not on Aurora Store or the official Play Store.

The app was last updated recently on May 29, 2024.

I did not enter any credentials and the app was isolated in its own user profile. I also rebooted the phone and deleted the app immediately after realizing my mistake.

Is this a malicious app meant to phish user credentials or is it an official, obscure, region locked app that is relatively hidden?

Edit: Hypatia malware scanner with the "Extended database" enabled does not flag any malware but I am still not sure.

mythodical

DeletedUser88 It's a legitimate app published under the same developer profile as the original TikTok app. While I can't explain why the app isn't listed publicly under their profile, I don't believe anyone else can use the same developer ID for illegitimate purposes:

https://play.google.com/store/apps/developer?id=TikTok+Pte.+Ltd.

DeletedUser88

Can't edit post but I wanted to clarify that I scanned with Hypatia while the app was installed to see if it flags it or not. I am not trying to see if there is any leftover malware on my device. That was not the purpose of the scan.

adamtik

i like tiktok lite, it works well

adamtik

adamtik i like download video Tiktok with TiktokSSS: https://tiktoksss.app

mtukl

I know this likely doesn't answer your question directly, but I would highly like discourage you from installing this application, whether it's real or not. While GrapheneOS comes with great security and privacy improvements, it doesn't make you invulnerable - see this amazing article by Proton VPN: https://protonvpn.com/blog/is-tiktok-safe/

Please stay safe and try to avoid TikTok - just a friendly suggestion! :)

HelloMe

mtukl That article is somewhat misleading. It claims Tiktok collects your your device’s IMEI number, which has not been possible since Android 10. Apps can't have access to any other hardware identifiers either. It also does not get your GPS data, uneless you give it permission to access location. Tiktok having your IP address likely doesn't mean much. It's not like IP address gives them your home address. Using apps in-app browser is also likely not a good idea regardless of the app. So you can use Tiktok and be safe, just know that if you give app permission to access data, it can do whatever it wants with it, this goes with any app. No matter is it "good" or "bad" or open source or not

DeletedUser88

mtukl Yes I am aware of the risks of using TikTok. I isolated it in a different profile, gave it no permissions and used a VPN. Thanks for your concern :)

DeletedUser161

Why are there two identical apps with different package names? It's simple on November 9, 2017 TikTok acquired the Musical.ly service (app) later purchased service was merged with TikTok itself and the apps were also unified.
Source Wikipedia

GlytchMeister

I can't provide any answers but I second the advice to avoid tiktok, simply due to the company's behavior and its nature as being an arm of the CCP, which itself has a lot of very privacy-hostile and security-hostile practices, among many other questionable practices outside the scope of this forum.

Proxitok is what I use to view tiktok videos when people insist that I watch them. It doesn't have great functionality, (if anyone wants to contribute, please do!) but pasting tiktok video URLs into the search box generally works.