Slap for SnapChat web app in SNAP mishap: '200,000' snaps sapped

This is what happens if you hand your username and password to a 3rd-party


Tens of thousands of stolen private SnapChat photos and vids are being plastered across the internet for perverts to download and ogle, it's claimed. SnapChat says it isn't to blame.

When word spread on 4chan's notorious /b/ board that someone had allegedly swiped as many as 200,000 SnapChat files from strangers, it was feared the official SnapChat phone app or its servers had been hacked.

But the startup has denied its systems were ransacked, and instead pointed the finger of blame at a third-party. Indeed, it's believed the material was obtained from a website called SnapSaved.com, which has been dormant for the past few months and is apparently independent of the official SnapChat service.

SnapSaved

Screenshot of the former SnapSaved website (click to enlarge)

SnapSaved, it appears, allowed people to view and save their SnapChats: users entered their usernames and passwords for the official phone app, and the site used the software's reverse-engineered API to extract stills and short vids on their behalf. This website is not to be confused with the SnapSave app – which has also denied any involvement in today's pic dump.

SnapChatted material is supposed to self-destruct after viewing rather than hang around forever on the internet.

But on Friday, it was alleged on 4chan that the files had been harvested from SnapSaved by a person or persons unknown – and dumped into a 13GB archive that's now being torrented across the internet by thousands of morons.

We have been unable to contact SnapSaved's administrators. It's assumed today's leaked material is distributed without people's permission or knowledge.

Anonymous poster on 4chan's /b/ shows off what he or she has downloaded already from the leak dump

A website called The Snappening claims to have all or some of the leaked SnapChat pics: we're told that while most of the alleged swiped material is rather insipid (think blurry America's Funniest Home Videos sans the funny) a lot of it apparently includes racy footage recorded by sexting underage teens. Which is bad.

The Snappening is named after The Fappening, 4chan anons' term for this year's theft and torrenting of celebs' nude selfies.

It's worth pointing out that the distribution of SnapChats well past their destruct-by-date is nothing new – there's at least one other site El Reg is aware of that boasts it has thousands of archived stills and vids from SnapChat users; we can't imagine they're all legitimately shared.

SnapChat denies hack rumor

"We can confirm that Snapchat’s servers were never breached and were not the source of these leaks," a spokesperson for the upstart told The Register today.

"Snapchatters were allegedly victimized by their use of third-party apps to send and receive Snaps, a practice that we expressly prohibit in our Terms of Use precisely because they compromise our users' security. We vigilantly monitor the App Store and Google Play for illegal third-party apps and have succeeded in getting many of these removed."

The 4chan chatter about this week's leak was first spotted by blogger and online marketing bod Kenny Withers, who published an article about it on his website complete with some SnapChatted pics; his blog was soon noticed by journalists. It was feared the whole thing was a hoax – a viral marketing stunt – but Withers denied claims the pic dump was bogus.

"I do not believe this is a hoax because I saw the list of pictures that were put up before they got pulled down. My article was not intended to 'shit' on /b/. I actually really love those guys," Withers insisted in a Reddit thread. His comment has since disappeared. ®


Biting the hand that feeds IT © 1998–2020