
Analysis of Risk Control Vulnerabilities Exposed by Kuaishou Live Streaming Security Incident

#Kuaishou #SecurityIncident #RiskControlVulnerability #BlackIndustryAttack #LiveStreamingPlatform #ContentModeration #CyberSecurity #01024.HK
December 28, 2025


At around 22:00 on December 22, 2025, the live streaming function of Kuaishou (01024.HK) was hit by a large-scale “black industry” (organized cybercrime) attack. A flood of non-compliant content, including obscenity, pornography and bloody violence, poured into the platform’s live streaming channels, forcing an emergency shutdown of the live streaming function for nearly 4 hours [0]. The incident exposed multiple vulnerabilities in Kuaishou’s risk control system.


I. Core Vulnerabilities at the Technical Architecture Level

1. Underlying Security Flaws in Live Streaming Push Interfaces

According to experts from 360 Digital Security Group, the attackers most likely exploited underlying vulnerabilities in Kuaishou’s live streaming push interfaces to bypass the platform’s real-name authentication and content review steps [0][1]. This indicates serious flaws in Kuaishou’s interface security design and a failure to identify and block abnormal traffic and unconventional requests.

2. Account Registration and Real-Name Authentication Mechanisms Are Ineffective

According to eyewitness descriptions, non-compliant live rooms showed obvious “automated” characteristics: a large number of newly registered novice accounts or zombie accounts started broadcasting collectively at the same time, playing pre-recorded illegal videos [0]. This exposes major vulnerabilities in Kuaishou’s identity verification mechanism during account registration, allowing black industry gangs to register a large number of accounts in a short time to launch attacks.

3. Content Review System Has Severely Insufficient Concurrent Capacity

Qu Zilong, founder of Network尖刀, pointed out that under normal circumstances the platform relies on a combination of AI and manual video content review, but when a concentrated burst of videos needs to be checked, the review system suffers an effect similar to a DDoS attack: the flood of review tasks congests the queue and causes it to fail [2]. This shows that Kuaishou’s review system lacks the elastic scaling needed to cope with sudden large-scale attacks.


II. Significant Defects in Emergency Response Mechanism

1. Lack of Effective Hierarchical Response Plans

In the face of the sudden large-scale attack, Kuaishou ultimately resorted to the emergency measure of “indiscriminately shutting down” the entire live streaming channel [0]. Qu Zilong, a network security expert, said, “No emergency measures are the most serious problem” [2]. This blunt shutdown stopped the spread of non-compliant content, but it also exposed the platform’s technical shortcoming: the lack of a fine-grained hierarchical response mechanism.

2. Low Disposal Efficiency and Long Recovery Time

From the outbreak of the incident at 22:00 on the 22nd to the complete shutdown of the live streaming function at 00:30 on the 23rd, and then to the basic recovery to normal at 2:00 the next morning, the entire disposal process lasted nearly 4 hours [0][1]. In the Internet era where information spreads extremely fast, such a long recovery time means that the platform’s ability to respond to systemic risks is seriously insufficient.


III. Historical Problem Accumulation and Governance Disorder

1. Persistent Content Non-Compliance Issues Despite Repeated Bans

This is not the first time Kuaishou has had similar problems. The historical record shows:

  • In April 2018, the State Cyberspace Administration publicly criticized Kuaishou for spreading vulgar and harmful information involving minors and ordered the suspension of the relevant algorithmic recommendation functions [3]
  • In April 2024, Ordos police investigated Kuaishou users for spreading obscene and vulgar content, and those involved were placed in administrative detention [3]
  • In November 2024, public security organs issued Kuaishou a warning under the “Network Security Law” [3]
  • On December 5, 2025, the streamer “Liu Ergou”, who has 44 million followers, held a borderline (“edge-ball”) live broadcast, and the platform only took punitive measures on the 16th [3]

2. Poor Rectification After Regulatory Punishments

Although Kuaishou has been subject to regulatory punishments many times due to content supervision issues, content chaos still persists despite repeated bans [1][3]. This cycle of “punishment - rectification - re-violation” indicates that the platform’s governance mechanism has systemic failures, with insufficient punishment deterrence and low violation costs.


IV. Structural Contradiction Between Commercialization and Content Governance

Kuaishou is eager to monetize and pursues short-term traffic revenue amid fierce market competition, either turning a blind eye to violations or failing to supervise them [3]. Content creators tend to chase hot topics, manufacture conflict, or even cross the line to gain more exposure and revenue, while the platform tolerates this to maintain user activity, forming a vicious cycle of “bad money driving out good money”.


V. Impact Assessment on the Company

| Impact Dimension | Specific Performance |
| --- | --- |
| Stock Price Fluctuation | After the incident, Kuaishou’s stock price closed down 3.52%, with a market value evaporation of approximately HK$10.1 billion in a single day [1] |
| Regulatory Risk | Faces the risk of heavy penalties from regulatory authorities and may be subject to long-term rectification or removal of the application |
| Valuation Reshaping | Because live streaming is a core pillar of the business, any wavering in its safety and compliance may affect the company’s valuation logic |
| Brand Reputation | Damages the platform’s social image and reduces mainstream social recognition |

VI. Improvement Suggestions

  1. Strengthen Technical Defenses: Conduct a comprehensive investigation of live streaming push interface vulnerabilities and establish multi-layer protection mechanisms
  2. Improve Review Capabilities: Significantly enhance the concurrent processing capability of the AI review system and establish an elastic expansion mechanism
  3. Perfect Emergency Response: Establish hierarchical response plans to ensure rapid and precise disposal in extreme situations
  4. Strengthen Account Management: Raise the threshold for new account registration and add abnormal behavior detection mechanisms
  5. Balance Commercialization and Compliance: Re-examine commercialization strategies and incorporate content security into core KPI assessments
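
A sketch of the hierarchical response recommended above, as an added example that is not taken from the cited reports or from Kuaishou's systems. It combines the two signals described in section I, a burst of stream starts from newly registered accounts and review-queue saturation, to hold only the risky streams for pre-review instead of shutting everything down. All names, thresholds and sample events are constructed assumptions.

```python
from collections import deque
from dataclasses import dataclass

# All thresholds below are assumptions for illustration, not platform values.
NEW_DAYS, TRUSTED_DAYS, WINDOW_S = 7, 365, 60
TIERS = [  # (tier, new-account starts per window, review backlog ratio), strictest first
    ("trusted_only", 50, 0.9),
    ("hold_new", 10, 0.6),
]

@dataclass(frozen=True)
class StreamStart:
    ts: int                # seconds on a constructed timeline
    account_id: str
    account_age_days: int

class TieredGate:
    """Decides per stream start whether it goes live or waits for review."""
    def __init__(self):
        self.new_starts = deque()  # timestamps of recent new-account starts

    def tier(self, now, backlog_ratio):
        # Drop starts that have left the sliding window, then pick the strictest tier hit.
        while self.new_starts and self.new_starts[0] <= now - WINDOW_S:
            self.new_starts.popleft()
        for name, burst, backlog in TIERS:
            if len(self.new_starts) >= burst or backlog_ratio >= backlog:
                return name
        return "normal"

    def admit(self, ev, backlog_ratio):
        if ev.account_age_days < NEW_DAYS:
            self.new_starts.append(ev.ts)
        tier = self.tier(ev.ts, backlog_ratio)
        if tier == "hold_new" and ev.account_age_days < NEW_DAYS:
            return tier, "held_for_review"
        if tier == "trusted_only" and ev.account_age_days < TRUSTED_DAYS:
            return tier, "held_for_review"
        return tier, "live"

def replay(events, backlog_ratio=0.0):
    gate = TieredGate()
    return [(e.account_id, *gate.admit(e, backlog_ratio)) for e in events]

# Constructed sample: two older accounts, 12 fresh accounts within 12 s, one older account.
SAMPLE = [StreamStart(0, "old-1", 900), StreamStart(30, "mid-1", 120)]
SAMPLE += [StreamStart(100 + i, f"new-{i}", 0) for i in range(12)]
SAMPLE += [StreamStart(115, "old-2", 800)]

if __name__ == "__main__":
    for row in replay(SAMPLE):
        print(row)
```

In the replay, the first nine new-account streams go live before the burst threshold trips, which is the detection lag a lower threshold or a pre-review default for new accounts would close.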

References

[0] SecRss - “Kuaishou Emergency Cuts Off Live Streaming Function Due to Obscene Content; Technical Personnel: Risk Control Defense System Has Obvious Vulnerabilities” (https://www.secrss.com/articles/86313)

[1] Sohu - “Behind Kuaishou’s Black Industry Attack Incident: Shortcomings in Risk Defense System, Persistent Content Chaos Despite Repeated Bans” (https://m.sohu.com/a/969654646_674046)

[2] The Paper - “Network Security Experts Review ‘Kuaishou Attacked’: Unprecedented Attack, No Emergency Measures Are the Most Serious Problem” (https://www.thepaper.cn/newsDetail_forward_32235282)

[3] Guancha.cn - “Infringement Compensation of 89.1 Million Yuan: Kuaishou’s Regulatory Disorder, Where Is the Original Intention?” (https://user.guancha.cn/main/content?id=1508637)
