New Years Day Snapchat Hacked

Discussion in 'News Aggregator' started by Mr. Penguin, 2 Jan 2014.

  1. Mr. Penguin

    Mr. Penguin Administrator
    Staff Member Admin Moderator VIP

    Joined:
    18 May 2012
    Messages:
    3,086
    Likes Received:
    1,186
    Trophy Points:
    351
    Last week, on December 25, an Australian research firm published the details on a major security weakness in Snapchat.

    Today, it appears that someone has used that exploit to collect 4.6 million usernames, and their associated phone numbers, and publish them on a website.

    Check here to see if your details were one of those leaked: GS Lookup - Snapchat

    Snapchat users can breathe easy — for a minute or two. For now, the phone numbers don’t include the last two digits. It’s also not clear how legitimate this data is, although The Next Web reports that there is now a web-based Snapchat checker script that can check any username to see if it’s in the database.

    Dazzlepod, a site that aims to help people find out if their account information has been compromised in various security leaks, also has published asearchable version of the Snapchat list, so you can look for your username.

    The site, Snapchat.db, is pretty straightforward: You can download all 4.6 million records as a SQL dump or as a CSV text file. “For now, we have censored the last two digits of the phone numbers in order to minimize spam and abuse,” the site says. “Feel free to contact us to ask for the uncensored database. Under certain circumstances, we may agree to release it.”

    Just below that is information that people can use to send Bitcoin donations or to send a private message to the site’s creators.

    Snapchat.db appears to be made possible thanks to a massive Snapchat security hole that Gibson Research published on Christmas day, allowing hackers to use Snapchat’s API to match usernames with phone numbers, and to create bogus accounts en masse. The researchers told ZDNet at the time that hackers could use the exploit to “automatically build profiles about users, which could be sold for a lot of money.”

    Gibson Research also noted that Snapchat had known about the vulnerability for four months, and alleged that the company could have fixed it with “ten lines of code.”

    Source: Snapchat cracked: 4.6 million usernames and phone numbers apparently published | VentureBeat | Security | by Dylan Tweney
     
Loading...
  • About Us

    We are a community mixed with professionals and beginners with an interest in wireless security, auditing and pentesting. Feel free to check out and upload resources.


    You can also find us on: Twitter and Facebook

  • Donate to Us

    Did you find our forums useful? Feel free to donate Bitcoin to us using the form below. Those who donate the equivlent of $10 USD or more will be upgraded to VIP membership. Don't have Bitcoin? Use your credit card to GO VIP here. Don't want to fork out some coin? There are other ways to GO VIP. Bitcoin: 1LMTGSoTyJWXuy2mQkHfgMzD7ez74x1Z8K