Thousands of Snapchat images may have been hacked via a third-party image-saving service

15 Comments

The database of a Snapchat image-saving service — not associated with Snapchat itself — has allegedly been hacked, and the hackers have claimed on 4chan that they will make hundreds of thousands of Snapchat users’ private images and videos available in a searchable database.

Snapchat’s popular service lets people send each other self-destructing pictures, but there are ways to get round this limitation. There seems to be some confusion as to whether the affected image-saving service was Snapsave, an Android app that is no longer available in the [company]Google[/company] Play Store, or (as Business Insider has reported) a now-defunct site called SnapSaved.com, but either way we’re talking about a service that lets the recipients of Snapchat pictures save them for repeated viewing, without notifying the sender of this.

There are several 4chan threads relating to this so-called “Snappening” – some referred to the recent hack of celebrities’ nude selfies that were stored in Apple’s iCloud as the “Fappening” – and there is no way I’m linking to them, because the 4chan forum is not a good place (I’m feeling somewhat depressed after my visit this morning, to be honest). Here’s a limited and nasty screenshot though:

Snapchat 4chan thread

The truth of the matter is of course hard to pin down right now, but earlier this week an anonymous poster said he had hacked into the image-saving service’s cloud server, and some pictures were apparently posted on 4chan as “proof.”

I actually didn’t see that thread myself, which is fine with me – given Snapchat’s youth-skewed demographic, a good number of them will almost certainly qualify as child pornography. However, I have seen some so-called “PG-13” images from the “proof” dump on a blogger’s website, which I would link to if it weren’t for the fact that the images still violate the victims’ privacy. (The blogger also links to many of the celebrity images from the earlier hack, which is not OK.)

As a Friday article in Norway’s Dagbladet stated, a raw index of the images was then posted on Thursday – according to the aforementioned blog, this seems to have been posted on a website called Viralpop, which was suspended by its host hours later.

There are allegedly 200,000 of these images, and the hackers claim they are preparing a site where they will be searchable by the victims’ Snapchat user IDs.

“We can confirm that Snapchat’s servers were never breached and were not the source of these leaks,” Snapchat said in an emailed statement on Friday. “Snapchatters were victimized by their use of third-party apps to send and receive Snaps, a practice that we expressly prohibit in our Terms of Use precisely because they compromise our users’ security. We vigilantly monitor the App Store and Google Play for illegal third-party apps and have succeeded in getting many of these removed.”

Of course, there’s a good chance that many of these photos will be entirely innocuous. Snapchat isn’t only used for sexting, but that is a frequent use case and, given what services such as Snapsave/SnapSaved are for, many if not most of these pictures will likely be sexual in nature. Again – this cannot be stressed enough – Snapchat is used by a lot of kids and many of these images are probably highly illegal.

This article was updated at 7am PT to include Snapchat’s statement. I’m afraid I have no idea how to contact the Snapsave or SnapSaved developers to get their side of the story.

15 Comments

Aaron Terry

Imagine what else is hacked and we dont even know about it. Cloud is not secure, that is why I use Binfer’s cloudless sharing.

monkey

Lol if any sysadmin ever reads these comments, they are just laughing at how nieve the american public in particular has gotten. you and your children were all owned long ago, and bought into carrying cameras, mics, and gps radio transmitters. Its a combination of user and corporate AND federal fault. But guess what the corporate end and federal end want you to carry these devices, so incentize you to do it. So yes these two parties are too blame, becuase civilian populations are heavily managed and honestly don’t have huge deviations in thought from what the top down picture is suppoed to be.

tl;dr you were all owned in the 90s, and didnt even know it. Suckers.

Bob

Maybe they shouldn’t send pictures of their weiners and boobies in the first place. They are not victims. They are stupid.

WorriedParent

If the images are child pornography, why isn’t snapchat/snapsave liable for hosting and transmission? They know what’s going on in their networks. The traffic isn’t encrypted. They could easily apply machine learning algorithms to identify nudity and stop it. It’s even possible that they are making their own sick collections of our children.

This is like a landlord who knows his tenants are selling crack cocaine. When are we going to stop these child pornographers from exploiting millions of tweens for their billion dollar stock market valuations?

Anonymous

When worried parents stop giving their children the tools needed to create it through pictures and videos they take of themselves, disallow emails/SMS, and actually monitor their childrens internet usage like it was advised in the 90’s.

Jim Russell

That’s smart. Blame the victims, not the publicly traded company facilitating child pornography distribution.

ANONYMOUS

The traffic is encrypted, and what’s more, Snapchat did what they could to eradicate the apps (hence why they are no longer available). I am victim blaming in no way whatsoever, but some responsibility DOES lie with the parents. Nurture a sense of self preservation into children and they will understand sending pictures of their nether regions is not ok and that it could certainly fall into the wrong hands. If you have such an issue with the apps, do what you can to prevent your kids from using it.

To put this in context, I am a teenager who uses snapchat. I’m not observing from the outside, this is my reality.

WorriedParent

Reread what you just said. “I’m not blaming the victim… but it’s the user’s own fault.”

The pictures themselves are not encrypted. They arrive at Snapchat servers that way. Do you really believe a company built by frat boys will simply ignore gigabytes of teenage girls sitting on their servers? Is it any less suspicious that those messages that are “deleted” are still easily recoverable on the recipient device as well? Strange how it’s almost like this was the plan…

This is going to be a real tragedy for thousands of kids all over the country. Lots of these kids struggle with depression already. I fear for what they will do when these leaks wreck their young lives. Celebs can go cry on a pile of money. Regular kids won’t have any such luxuries.

jeff

I don’t think you understand the concept of how the images were “supposedly” leaked.. Whoever was getting the snapchat picture would use a 3rd party app meaning not part of snapchat its self that would capture the image on the phones screen when you got a snapchat and then upload that image to a server to save.. So really the blame would be on the people who used the 3rd party apps to save the images in the first place. Atleast that is what I got out of the story..

WorriedParent

I understand the leak perfectly. These pictures first traveled through Snapchat servers unencrypted. There, Snapchat could have easily run them through a nudity detection algorithm and removed any lewd photos automatically. Problem solved.

Snapchat has an obligation to do this, because their app is heavily used by the younger demographic, and they know that the app is being used for sexting. This is the same thing that got Napster shut down. They knew their app was being used for copyright infringement and they did nothing to prevent it.

Bob

Maybe they shouldn’t send pictures of their weiners and boobies in the first place. They are not victims. They are stupid.

Comments are closed.