Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Snapchat hack

  • 24-09-2014 9:12am
    #1
    Registered Users, Registered Users 2 Posts: 37,485 ✭✭✭✭


    Well, my son got an unusual mail off snapchat there last night. Apparently someone had logged into his snapchat account from an IP in the US and they flagged it as unusual in an email to him. I did a reverse DNS and port scan on the IP this morning and it has squid installed (so obviously the login didn't originate from there).

    We're somewhat at a loss as to how his account was breached though. His password is short (9 characters) but isn't something you'd find on a password list (or indeed one that could be easily generated by hashcat with a dictionary).

    For it to be brute forced you'd reasonably require the encrypted password or some level of access to his phone (possible?) or this computer (highly unlikely). He does use the password in other places (important ones have been changed).

    Any thoughts on how this might have happened?


Comments

  • Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    A rogue or compromised wireless access point which your son used?

    Edit: You don't look old enough to have a son who uses snapchat.


  • Registered Users, Registered Users 2 Posts: 1,034 ✭✭✭dalta5billion


    Did he login via a third party app, such as those that "save" snapchats?

    Logged in via a commercial WiFi company proxying through the US?

    Alternatively Snapchat themselves may have a breach.


  • Registered Users, Registered Users 2 Posts: 37,485 ✭✭✭✭Khannie


    syklops wrote: »
    A rogue or compromised wireless access point which your son used?

    Hmmmm. Possibly. He does use any wifi he can get his hands on.
    syklops wrote: »
    Edit: You don't look old enough to have a son who uses snapchat.

    I'll take that as a compliment rather than a statement about my parenting. :D Yeah, he's plenty old for snapchat.
    Did he login via a third party app, such as those that "save" snapchats?

    You know...I bet this is it. I'll check with him later.
    Logged in via a commercial WiFi company proxying through the US?

    Unlikely.
    Alternatively Snapchat themselves may have a breach.

    Possible, but it also seems unlikely.


  • Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    Did he login via a third party app, such as those that "save" snapchats?

    Thats problably it.


  • Registered Users, Registered Users 2 Posts: 5,112 ✭✭✭Blowfish


    syklops wrote: »
    Thats problably it.
    Indeed. There are a myriad of permission checkers for all mobile OS variants so it's an easy enough one to confirm too.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 37,485 ✭✭✭✭Khannie


    Blowfish wrote: »
    Indeed. There are a myriad of permission checkers for all mobile OS variants so it's an easy enough one to confirm too.

    It wouldn't show up in a permissions check actually. Internet access would be all that's required to rob the username and password.


  • Registered Users, Registered Users 2 Posts: 37,485 ✭✭✭✭Khannie


    OK....This happened a second time.

    He had factory reset the phone, installed a very limited set of apps (none of which he gave his snapchat password to) and changed his snapchat password.

    He got a mail from snapchat saying his account had been accessed by an IP in the US again. Again this IP has squid running (the previous one still has it) so obviously someone is trying to break into his account.

    Honestly, to me this smells like a breach within snapchat at this point. I am wide open to other theories though.


  • Registered Users, Registered Users 2 Posts: 37,485 ✭✭✭✭Khannie


    *bump* :)


  • Closed Accounts Posts: 383 ✭✭surpy


    i doubt its specific to your son

    http://www.bbc.com/news/technology-29410366


  • Registered Users, Registered Users 2 Posts: 37,485 ✭✭✭✭Khannie


    Yeah, I had seen that, but it says "but the site has said it was not the victim of a hack". To me this stinks of a breach. Two passwords in two weeks.


  • Advertisement
  • Closed Accounts Posts: 383 ✭✭surpy


    http://nakedsecurity.sophos.com/2014/10/01/snapchat-says-fat-spam-is-not-its-fault/
    Snapchat says it has emailed many of the compromised users to let them know their account has been hacked.

    its a broad "hack" but it does seem they are confident its not on their side
    We have seen evidence that hackers who have access to a trove of credentials leaked from other websites, have started using them to gain access to Snapchat accounts. In many instances, our defences have notified the user that their account has been compromised. We recommend using a unique and complex password to access your Snapchat account.


  • Closed Accounts Posts: 383 ✭✭surpy


    i'm guessing a stolen DB of passwords / phone numbers from another site is being sold a few times and checked if any of the login data matches to snapchat


  • Registered Users, Registered Users 2 Posts: 37,485 ✭✭✭✭Khannie


    That's fair enough for the first instance, but not for the second. He had changed the password and was only using it with gmail (now with 2FA) and snapchat so unless they had a hash to attack, or were brute forcing it (which snapchat should not allow) it stinks of a breach on their side to me. If I knew someone who worked in snapchat I'd kick it up the food chain in there.


  • Closed Accounts Posts: 383 ✭✭surpy


    Sorry , thought you said the second one was just an attempt.
    Maybe tweet them?


Advertisement