Snapchat Makes You “Find The Ghosts” To Keep Hackers From Stealing Your Phone Number [Update: But It Fails]

Leave a comment

January 23, 2014 by AllKnol

TechCrunch

Snapchat now verifies new users aren’t robots by making them choose its ghost mascot within images. It’s an attempt to keep out hackers who could steal phone numbers by exploiting a leaked database of details on 4.6 million accounts. a 16-year-old hacker proved he could do just that by finding the number of Snapchat CTO Bobby Murphy, but now he says Snapchat has patched the holes he harnessed. [Update: But the “Snap-tcha” solution doesn’t seem very secure as another hacker built a workaround in under an hour.]

Graham Smith, a high school sophomore from Dallas, Texas has documented his research on Snapchat security. He tells me he began experimenting with Snapchat’s undocumented API over the summer. He built a tool that could determine if a string of numbers was actually a phone number connected to a Snapchat account, similar to the exploit Gibson Security outlined when it detailed Snapchat’s…

View original post 714 more words

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: