Australian Hackers Reveal Security Issues For Snapchat Users

Australian Hackers Reveal Security Issues For Snapchat Users

API exploits security issues Snapchat

December 27th, 2013 By:

(The Hosting News) – A group of Australian hackers recently published exploits for the popular photo sharing app, Snapchat, in which they expose security issues within the app, states a report from ZDNet.

On Tuesday, Gibson Security released undocumented developer hooks (API) and two codes for exploits that show how users can match phone numbers with names on accounts.

“We decided that it was in everyone’s best interests for us to post a full disclosure of everything we’ve found in our past months of hacking the Gibson,” states the security group on their website.

According to Gibson, Snapchat founders have ignored the security exploits since they first exposed them in August and can easily be fixed with “ten lines of coding.”

“This is one of our personal favorites since it’s just so ridiculously easy to exploit. A single request (once logged in, of course!) to /ph/find_friends can find out whether or not a phone number is attached to an account. This is one of the things we initially wrote about in our previous release, approximately four months ago (at the time of writing)! They’ve yet to add any rate limiting to this, so we thought we’d add a non-watered down version of the exploit to this release; maybe Evan Spiegel will fix it when someone finds his phone number via this?”

Not only can the security issues found be used for targeting scamming, but can also be used for stalking.


SPONSOR SHOWCASE
Caronet Cloud - VMware Private and Public Cloud

* No Force-Fitting Configurations - Build to Your Requirements
* Enhanced Security, High Performance and Robust Infrastructure
* Fully-Redundant Architecture Built for High Reliability
* RESTful API - User Friendly & Syncs Easily with Current Programming
* Enterprise Level Support 24 x 7 x365