Hundreds of thousands of Snapchat images may have been hacked (updated)

10 Oct 2014

Hackers say they are in possession of 200,000 images sent via the photo messaging app Snapchat and have claimed they will release a searchable database of the material online.

Posting on imageboard website 4chan, the anonymous users say they have obtained the pictures by hacking the cloud service Snapsave.

While Snapchat works by deleting images automatically just seconds after being opened, Snapsave, which is not endorsed by Snapchat, allows users to see the picture as many times as they like without notifying senders.

4chan conversations about the hack – which has been dubbed ‘The Snappening’ – have been uncovered by social media strategist Kenny Withers, who posted screenshots of the threads on his own website.

Withers found the hackers had already circulated some explicit images through 4chan but were holding off posting the entire database until it could be placed on a separate website that would make the images searchable. They did, however, post a raw list of the images on the website viralpop.com/snapsaved. The website shut down soon after.

Another high-profile hack

The news comes just weeks after hackers attacked the smartphones and cloud accounts of Hollywood stars including Jennifer Lawrence, Kate Upton and Kirsten Dunst, and began publishing private photos on sites such as 4chan, Reddit and AnonIB. In the aftermath, Apple defended its iCloud service, claiming the accounts came under a deliberate and targeted attack that leveraged weak passwords.

According to statistics posed by Digiday, 50pc of Snapchat users are between 13 and 17 years old.

In January, just hours after Snapchat announced its new verification system to prevent hackers from accessing account details and images, computer engineer Steve Hickson devised a code to bypass it.

Snapchat’s verification model had been designed to be incapable of being read by computers, as it would require a person to identify the ghost from the Snapchat logo among a panel of nine images. Hickson, however, wrote a code that recognised the colour of the logo and discerned it from the rest of the images.

Update: Snapchat have released a statement to Venturebeat asserting that their own servers have not been compromised and alluding to Snapsave being the source of the leak.

“We can confirm that Snapchat’s servers were never breached and were not the source of these leaks. Snapchatters were victimized by their use of third-party apps to send and receive Snaps, a practice that we expressly prohibit in our Terms of Use precisely because they compromise our users’ security. We vigilantly monitor the App Store and Google Play for illegal third-party apps and have succeeded in getting many of these removed,” read the statement.

The company also posted the following via Twitter:

Snapchat image via Shutterstock

Dean Van Nguyen was a contributor to Silicon Republic

editorial@siliconrepublic.com