Skype and Snapchat embarrassed in New Year hacks

By Graeme Burton
02 Jan 2014 View Comments
Skype logo

Microsoft-owned Skype and social media start-up Snapchat have both been hacked in recent days - one by the "Syrian Electronic Army", a group of pro-government Syrian hackers, and the other by a group claiming that they wanted to highlight Snapchat's poor security.

Skype was probably most embarrassed. The Syrian Electronic Army cracked both its blogging platform and its Twitter account to post the following message:

Further reading

"Don't use Microsoft emails (Hotmail, Outlook). They are monitoring your accounts and selling the data to the government."

That claim follows six months of revelations that the US National Security Agency (NSA) has compromised telecoms companies, networks, internet security standards and even some companies in a bid to throw a surveillance dragnet around the world.

Microsoft responded by taking down its blogging platform and moving to take back control of its Twitter account. It published a perfunctory apology on its Twitter account - but didn't respond to the claims.

Popular social media site Snapchat was also hit on Wednesday, with hackers claiming to have posted personal information of Snapchat users online - at a web site, www.snapchatdb.info, that has now been taken down.

The hackers behind that attack claimed to have done so in order to highlight the company's poor attitude towards security.

Ironically, perhaps, Snapchat was created in order to enable people posting images online with their smartphones more control over their dissemination: images are deleted from the company's servers as soon as they are opened by their intended recipients. The idea is that embarrassing images cannot so easily be propagated.

The hackers claim to have posted account information of some 4.6 million Snapchat users.

In a statement, the hackers said that they had acquired the information by exploiting a recently identified security flaw. Their aim, they claimed, was to try to convince the company to improve its security.

"We used a modified version of gibsonsec's exploit/method. Snapchat could have easily avoided that disclosure by replying to Gibsonsec's private communications, yet they didn't," claimed the hackers in a statement to US website Tech Crunch.

It continued: "Even long after that disclosure, Snapchat was reluctant to take the necessary steps to secure user data. Once we started scraping on a large scale, they decided to implement very minor obstacles, which were still far from enough. Even now the exploit persists. It is still possible to scrape this data on a large scale. Their latest changes are still not too hard to circumvent."

Gibson Security, the "white hat" security organisation, published details of Snapchat's security shortcomings on Christmas Eve.

Snapchat has grown fast in the past two years, taking in funding of more than £123m and attracting a $3bn acquisition offer from social media giant Facebook in November 2013.

Reader comments
blog comments powered by Disqus
Newsletters
Windows 9 - what do you want?

What would your business require from Windows 9 "Threshold" to make it an attractive proposition?

32 %
4 %
8 %
7 %
49 %