As many as 200,000 images sent via the photo-messaging app Snapchat have been posted online.
As we reported on Friday, anonymous hackers – posting on the imageboard website 4chan – claimed they had they have obtained the pictures and would soon be releasing them in a leak they dubbed ‘The Snappening’.
Despite rumours of a hoax, The Guardian has confirmed the leak to be genuine. However, it appears the website snapsaved.com – a service that allows Snapchat to be used on a desktop computer – has been breached, rather than initial reports believing the app Snapsave has been attacked.
Snapchat works by deleting images automatically just seconds after being opened. But it appears Snapsaved.com, has been saving users’ login details and storing the photos and videos that were posted. The website is currently offline.
In response to the rumours, Snapchat released a statement on Friday asserting their own servers have not been compromised.
“We can confirm that Snapchat’s servers were never breached and were not the source of these leaks,” wrote the company.
“Snapchatters were victimised by their use of third-party apps to send and receive Snaps, a practice that we expressly prohibit in our Terms of Use precisely because they compromise our users’ security.
“We vigilantly monitor the App Store and Google Play for illegal third-party apps and have succeeded in getting many of these removed.”
Going underground
4chan conversations about the hack were initially uncovered by social media strategist Kenny Withers, who posted screenshots of the threads on his own website. Withers found the hackers had already circulated some explicit images through 4chan but were holding off posting the entire database until it could be placed on a separate website. They did, however, post a raw list of the images on the website viralpop.com/snapsaved. The website shut down soon after.
Posting over the weekend, Withers reported that the group had moved discussions of the leak to an underground website after 4chan removed all threads related to The Snappening.
According to statistics posed by Digiday, 50pc of Snapchat users are between 13 and 17 years old. Observers have suggested that anyone who downloads the leak could be in breach of child pornography laws. According to one Reddit thread, of the 13.6GB on images, about 100MB are of an explicit nature.
Hollywood hack
It is suspected that the hackers responsible for the leak are the same group that attacked the smartphones and cloud accounts of Hollywood stars including Jennifer Lawrence, Kate Upton and Kirsten Dunst, and began publishing private photos on sites such as 4chan, Reddit and AnonIB. In the aftermath, Apple defended its iCloud service, claiming the accounts came under a deliberate and targeted attack that leveraged weak passwords.
In January, just hours after Snapchat announced its new verification system to prevent hackers from accessing account details and images, computer engineer Steve Hickson devised a code to bypass it.
Snapchat’s verification model had been designed to be incapable of being read by computers, as it would require a person to identify the ghost from the Snapchat logo among a panel of nine images. Hickson, however, wrote a code that recognised the colour of the logo and discerned it from the rest of the images.
Snapchat image via Shutterstock
