Snapchat security exploit could reportedly let hackers steal phone numbers

by: Andrew GrushDecember 27, 2013


Going back as far as August, the Gibson Security research team has reportedly attempted to warn Snapchat multiple times about security issues that could affect both the Android and iOS versions of the app.

Despite their warnings, the research group says that Snapchat has yet to address the problem, and therefore the group has decided to publish the exploit details to the public. The idea is that by making these issues known, the research group will force Snapchat to react, and hopefully promptly patch up the holes in their code that allow the exploits to work.

So what kind of exploits are we talking about exactly? The first bug could allow hackers to potentially gather up phone numbers, names and aliases from accounts in large batches. Even private accounts are apparently at risk of this particular hack. As for the second exploit, basically it’s possible to create tons of dummy accounts, which could then be used for spamming, spying and various other scams.

Now that the security exploits have been detailed online, we don’t doubt that Snapchat will work as quickly as possible to resolve the issues. Still, we have to wonder why they didn’t take the problem seriously when they were first contacted about four months earlier.

Making matters worse, the security research team claims that fixing the exploits would be about as easy as rewriting ten lines of code.

They’ve had four months, if they can’t rewrite ten lines of code in that time they should fire their development team. This exploit wouldn’t have appeared if they followed the best practices and focused on security (which they should be, considering the use cases of the app).

We’ve reached out to Snapchat asking for further clarification on the matter and will be sure to update if and when we learn more. In the meantime, just be aware that if you use Snapchat, there are a few potential security issues with the service. Whether that’s a deal-breaker for using Snapchat or not is up to you.

For more technical details on what is evolved when it comes to the two exploits, you’ll want to head on over to Gibson Security’s website.

  • MadCowOnAStick

    and this, is why i don’t have too many apps that i probably won’t even use that mch

  • MasterMuffin

    The picture suits their dev team perfectly “I dunno what I’m doing” :D This is one of the reasons why I don’t use any 3rd party “cool” web messaging apps (one of the reasons is also the fact that everyone uses different messaging app so using sms is the easier way)

  • Albert Espinosa

    Take my number, idgaf.. What can you do?

    • MadCowOnAStick

      uh, send you spam duh

  • julio

    I’m a victim when it came to somebody trying to ruin my life by exploitimg me all over the internet and only god knows what else she did. I’d like to know one day!