Thousands of private photos — apparently sent via Snapchat — were leaked online by hackers who got their hands on the images without ever breaching the app’s servers.
Up to 200,000 explicit photos obtained from Snapchat users have been published online. Hackers got into Snapchat’s system using a third party app, and the images have now been circulated, reports The Guardian.
The trove of private snaps were first posted online at a fake website called viralpop.com, which was deleted after they were downloaded by users. They went on to share the files on 4Chan, according to The Daily Beast.
4Chan did not immediately respond to ABC News’ request for comment, however the leak — which has been dubbed, “The Snappening” — is being discussed in a slew of threads on the image sharing board.
The massive pilfering of private snaps, which comes on the heels of the celebrity photo hack, has shifted attention to third party apps that allow Snapchat recipients to surreptitiously save the otherwise ephemeral photos.
The massive pilfering of private snaps, which comes on the heels of the celebrity photo hack, has shifted attention to third party apps that allow Snapchat recipients to surreptitiously save the otherwise ephemeral photos.
Users on the 4Chan forum, where numerous celebrity leaks have been posted, claimed that they got into Snapchat’s system using third-party app Snapsave, which enables Snapchat users to screenshot the images they receive in order to keep pictures which would otherwise expire.
The hackers had threatened to publish the images on Saturday (October 11), saying that they had saved users’ login details from the third party app and stored images over a number of years.
“We can confirm that Snapchat’s servers were never breached and were not the source of these leaks,” the company said in a statement issued over the weekend.
Days after the breach first came to light, a search of Google Play and Apple’s app store reveals a number of third party applications that promise to save Snapchat images and videos to the recipient’s camera roll without the sender ever knowing.
Many of the services are easy to use and work the same way. Users simply log on to the service using their Snapchat credentials and then are free to save videos and photos they receive via Snapchat.
While the use of these sites may violate Snapchat’s terms of service, Robert Siciliano, a McAfee online security expert, said Snapchat users should not have a reasonable expectation that their snaps will remain private.
“The mere fact that apps exist that have essentially reverse engineered Snapchat API means that the technology is vulnerable,” Siciliano told ABC News. “Additionally anyone that understands the very basics of how [a] mobile phone works recognizes a simple screenshot, it captures any photo forever.”
Snapchat says it is focused on user privacy, however a disclaimer posted on their website adds that “we cannot and do not represent or warrant that the services will always be secure or error-free or that the services will always function without delays, disruptions or imperfections.”
[…] 200,000 private photos from Snapchat leaked online by hackers who access to them without ever breaching app's servers using 3rd party apphttps://thewestsidestory.net/2014/10/13/18742/200000-private-photos-snapchat-leaked-online-hackers/ […]
What’s of contention is where the files originated from with an anonymous pastebin user now saying that a snapsaved administrator provided the files after uploading to an unintended site, claims that are being contested. Nevertheless another pastebin user yesterday afternoon offered to sell a cache of files containing the contents of the server in question, based on timestamps and other data, and includes 88,521 still images and 9,173 videos….
http://scallywagandvagabond.com/2014/10/snappening-leaks-real-90k-photos-videos-content-explicit/