Security Researchers Gave Snapchat A Nasty Christmas Present By Telling The World How To Hack Snapchat
That's because these same researchers just published detailed instructions on how to hack Snapchat.The researchers, who call their company Gibson Security, were frustrated that Snapchat had ignored their previous work, sent to Snapchat in August, they said. That's when they had found a bunch of security holes in the photo-texting service. They told Snapchat about the holes (called "exploits" in security lingo) trying to get Snapchat to fix them.Advertisement
In the document that tells the world about the holes, the researchers explain:
"Given that it's been around four months since our last Snapchat release, we figured we'd do a refresher on the latest version, and see which of the released exploits had been fixed (full disclosure: none of them).... we decided that it was in everyone's best interests for us to post a full disclosure of everything we've found in our past months of
We asked the researchers to explain a little better what other hackers could do with the info they released.Business Insider: Does the info you disclosed allow a programmer/hacker to grab and view unopened Snaps? Opened Snaps? Gibson Security: No it does not, but rather what we disclosed allows you to obtain the phone number of any Snapchat user without their permission.Advertisement
BI: Your document talks about the Android Snapchat app. Does it threaten iPhone users, too?
GS: Everything we disclosed works on iPhone and Android users.BI: What are you hoping to accomplish by publishing this hacking blueprint?Advertisement
GS: We wish that Snapchat audits their code and improves how security and bugs are handled in the company.
Note that publishing exploits is a common tactic among security researchers if an app developer ignores them. It's called "full disclosure" and its got a "blackmail for the good of society" flavor about it. The idea is to force companies to beef up their security by exposing the weaknesses to the world.It's a little like a security guard finding an open window in an office building, telling the building owner to close and lock the window and, if ignored for a month or more, telling all interested thieves about the open window and what to steal inside.Advertisement
In this case, by exposing the phone numbers and user names of Snapchat users, the researchers say hackers could "automatically build profiles about [Snapchat] users, which could be sold for a lot of money," they told ZDNet.
Snapchat is an app that lets you send self-destructing photos. After a photo is viewed, it's supposed to be deleted. That's one reason, it has become popular for sexting (sending sexy photos). In May, Snapchat acknowledged that there are circumstances when it might be possible for hackers or others to get a hold of the photos.We've asked Snapchat for comment about exposed phone numbers and will update the story if we hear back.Advertisement
- SEBI issues procedural guidelines for proxy advisors
- Bandhan Bank promoter sells 21% stake to meet RBI norms
- Air India pilots allege blatant discrimination by management
- Reliance Industries and bank shares tumble and topple Sensex as bears look to clear the froth in the price
- Twitter plans 'Undo Send' button with paid subscription service