12/20/2023 0 Comments HacksnapchatSnapchat officials responded to last week's full-disclosure posting with a lukewarm acknowledgement. The researchers said they decided to fully disclose the vulnerability after Snapchat engineers largely disregarded limited disclosure details published in August. Last week, researchers from Gibson Security published details of an attack that could abuse this feature to disclose the phone number of virtually all Snapchat users. The data was obtained by targeting a programming interface in the backend of Snapchat's website that allows people to locate users by their phone numbers. The Snapchat data has likely also been downloaded by less scrupulous hackers for use in phishing and social engineering scams. The data has also been incorporated into Have I Been Pwned, a whitehat service that helps people track whether their personal information has been leaked online. Within 24 hours, the site was no longer accessible, but much of the data can still be found in search engine caches and mirror servers. The database containing usernames and corresponding phone numbers for the majority of Snapchat users was posted to on the last day of 2013. Phone numbers published on the site were obscured by censoring the last two digits, but the anonymous people behind the posting said they might make the full version available privately. Greyhat hackers have published the partial phone numbers belonging to more than 4.5 million Snapchat users after exploiting a recently disclosed security weakness that officials of the service had described as theoretical.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |