Snapchat

Snapchat Exploits Could Match Users' Names And Phone Numbers

Two Snapchat exploits and the app's API were published Tuesday. The exploits allow hackers to match names to phone numbers and create fake accounts.

By Adam Falk | December 27, 2013

​Snapchat users, we have some potentially bad news. And it's not going away in six seconds.

According to Gibson Security, two security holes in Snapchat's API allow for the mass matching of names to phone numbers and the rapid creation of fake accounts.

The Australian hacker group says it's known about the exploits for months, citing this release from August. But it reports, as of now, Snapchat hasn't done anything to fix them. So Gibson Security published Snapchat's API and the two hacks on Tuesday.

ZDNet reports the code Gibson published is fully functional. And that's worrying for the app's estimated 8 million users because, as Ars Technica writes,​ "Users of the exploit could take that data and resell it for cash, as well as scam or stalk the Snapchat accounts they've identified."

How exactly the hacks work is pretty complicated.

The "Find Friends" exploit is what someone could use to identify users. It can reportedly match names and numbers, even if the account is private. (Via Apple / Snapchat)

 And it's fast. According to Gibson's calculations, "We can assume that it would take approximately 20 hours for one $10 virtual server to eat through and find every user's phone number." The "Bulk Registration" exploit reportedly allows for account creation. 

This, as Gibson notes, could rapidly create thousands of accounts, which could then spam Snapchat users. (Via Snapchat)

This could all be fixed, according to the hackers. And it would only take 10 lines of code. Gibson tells ZDNet:​ "Snapchat can limit the speed someone can do this, but until they rewrite the feature, they're vulnerable. They've had four months, if they can't rewrite ten lines of code in that time they should fire their development team."

That team has maybe been more focused on its freshly updated app. Now users can add filters and "replay" one snap every 24 hours. (Via Mashable)

Snapchat hasn't responded to any requests for comment on these exploits or even acknowledged whether they exist.

  TRENDING IN Tech NEWS
You can do better than the usual list of common passwords.WATCHLIST
Newsy / Evan Thomas

How To Make Your Passwords Less Hackable

Twitter CEO Jack DorseyWATCHLIST
Getty Images / Bill Pugliano

RIP #RIPTwitter: Twitter CEO Says The Site's Feed Isn’t Changing

Twitter CEO Evan Williams is seen silhouetted against a screen as he shows off the newly revamped Twitter website on September 14, 2010 at Twitter headquarters in San Francisco, California.WATCHLIST
Getty Images / Justin Sullivan

Twitter Might Change Its Feed, And People Are Furious (Again)

Nintendo game character Mario stands next to the new gamer-themed car built by West Coast Customs on November 17, 2011 in Los Angeles, California.WATCHLIST
Getty Images / Kevork Djansezian

Nintendo Puts This Weird Sleep-Tracking Device On Hold

According to Cisco's projections, smartphones will be responsible for a majority of global network traffic by 2020.WATCHLIST
Newsy / Evan Thomas

When Smartphones Will Take Over The Planet

An illuminated sign is seen outside the University of Central Florida's Progress Energy welcome center.WATCHLIST
keone / CC BY SA 2.0

63K Social Security Numbers Stolen In University Hack In Florida

Apple CEO Tim Cook introduces the new iPhone 6s and 6s Plus during a Special Event at Bill Graham Civic Auditorium September 9, 2015 in San Francisco, California.WATCHLIST
Getty Images / Stephen Lam

Apple Just Lost A $626M Lawsuit To A 'Patent Troll'

Taylor Swift And Kim KardashianWATCHLIST
Getty Images / Mark Metcalfe / Kim Kardashian

T-Swift Takes A Note From Kim Kardashian; Mobile Game Is On The Way

Julian AssangeWATCHLIST
Getty Images

UN Expected To Vote In WikiLeaks' Julian Assange's Favor

2016 Scion FR-SWATCHLIST
Scion

Toyota Just Killed Off Its Scion Brand

Amazon's first and so far only physical bookstore.WATCHLIST
Getty Images / Stephen Brashear

Will Amazon 'Wal-Mart' The Bookstore Business?

Alphabet's various moonshots could pay off big — but it will be a while.WATCHLIST
Alphabet

Alphabet (Aka Google) Isn't Making Money On Moonshots Just Yet

A promotional poster for Instagram's film series, "Shield 5," is pictured.WATCHLIST
Instagram / 'Shield 5'

Instagram Wants You To Watch Its New Thriller — In 15-Second Spurts

Man wears a Fitbit Charge HRWATCHLIST
Fitbit

This University Now Requires New Students To Wear Fitbits

Eagle snatching drone out of the air.WATCHLIST
Politie

This Dutch Police Bird Can Take Drones Out Of The Sky

An employee at Google bikes past a sign.WATCHLIST
Getty Images / Justin Sullivan

Google's Alphabet Takes Down Apple To Be Named 'Most Valuable Company'

Yahoo! President and CEO Marissa Mayer delivers a keynote address at the 2014 International CESWATCHLIST
Getty Images / Ethan Miller

Hundreds Of Yahoo Jobs Could Be On The Chopping Block

A screenshot from the "cs_wildrefuge" mod for "Counter-Strike:Global Offensive."WATCHLIST
Valve / "Counter-Strike: Global Offensive"

The Oregon Wildlife Refuge Standoff Is Now A Video Game

A sign with the 'like' symbol stands in front of the Facebook headquarters.WATCHLIST
Getty Images / Justin Sullivan

Need A Ride? Facebook Could Add Ride-Sharing Feature To Events

Apple hasn't announced anything about an AR or VR headset yet. Sorry.WATCHLIST
Newsy / Evan Thomas

Apple Is Late To The Virtual-Reality Game, But That's Apple For You

T-Mobile CEO John Legere takes part in a Q&A.WATCHLIST
Getty Images / Michael Loccisano

T-Mobile Faces (More) Accusations It's Violating Net Neutrality

Children try out networked computer laptops in the Digital Classroom at the CeBIT Technology Fair.WATCHLIST
Getty Images / Sean Gallup

Obama's $4B Plan Aims to Teach Kids About Computer Science

Facebook continues tightening its policy on gun sales.WATCHLIST
Getty Images / Justin Sullivan

Facebook And Instagram Ban Private Gun Sales

An Israeli-developed drone.WATCHLIST
Israel Aerospace Industry

New Intelligence Leaks Reveal US, UK Spied On Israeli Drones

A Nissan Altima is displayed at the New York International Auto Show.WATCHLIST
Getty Images / Mario Tama

Nissan Just Issued Another Recall For Hood Latch Problems

An illuminated Apple logo is displayed above an Apple Store.WATCHLIST
Getty Images / Andrew Burton

Will Apple Usher In Our (Truly) Wireless Charging Future?

The new Google logo is displayed at the Google headquarters on September 2, 2015 in Mountain View, California.WATCHLIST
Getty Images / Justin Sullivan

This Is How Much Google Paid The Guy Who (Briefly) Owned Its Domain

Those lithium-ion batteries are sensitive to cold weather the same way we are.WATCHLIST
Newsy / Evan Thomas

It's Not Just You; Smartphones Can't Stand The Cold, Either

Staff attend the Genius Bar during the Apple store opening at Via Rizzoli on September 17, 2011 in Bologna, Italy.WATCHLIST
Getty Images / Claudio Villa

Apple Recalls Millons Of Adapters That May Cause An Electric Shock

Mark Zuckerberg speaks at a conference.WATCHLIST
Getty Images / David Ramos

Facebook's Mark Zuckerberg Just Made $6 Billion In A Day