Archive for the ‘Hack Stories’ Category

Introducing the Idjit

Snapchat, one of the most frequently preferred yet controversial interaction and socialization platform these days encounters yet another security threat. Snapchat’s signups acknowledged a boost lately as many teenagers especially from the US started to switch from social networks such as Facebook to Snapchat. Click Here for more details about this trend.

Snapchat Security Alert

 

This was a considerable milestone – a great achievement for Snapchat. However, the glee of this accomplishment diminished as Snapchat was notified about a new security exploit that could be manipulated by the hackers like the preceding incident.

https://twitter.com/ChrisaHead/status/433115242139115520

 

Blast from the Past

For those of you who don’t know; Snapchat was hacked in the month of January 2014. The hackers stole username details along with numbers of around 4.6 million users and leaked the data publically over the Internet. The details were downloadable via “SnapchatDB.info” which no longer exists by the way.

SnapchatDB

It was reported that Gibson Security researchers had already informed Snapchat about their “Find Friend” exploit and how it could be manipulated by hackers. Snapchat’s ignorance led the leading social platform to concede a massive data leak where privacy of 4.6 million users was compromised.

Snapchat Vulnerable

New Exploit Discovered

This time, it is much more complicated and crucial than the previous exploit. This time, Snapchat might have to face catastrophic outcomes if their evasion continues to last. Jamie Sanchez, a Security Researcher has found that Snapchat encompasses a security loophole – a weakness that greets DDoS (Denial-of-Service) attack. If occurred, it would be an attack executed through an intermediary which will be Snapchat.

 

The Damage It Can Cause

Through this security exploit, a hacker can flood user’s inbox with repetitive messages causing the device to overload. As a result, the device (especially iPhone) will crash and may require user to hit the reset button. The attack will have considerable impact over Android devices as well. The attack may not require you to reset the device; but, it will slow down its performance to a considerable extent.

FRANCE-US-IT-INTERNET-SECURITY-SNAPCHAT

Conclusion

Snapchat unlike the previous approach adopted has reacted promptly to this threat. As per the Snapchat’s official statement, the security researchers are examining the exploit and the concern will soon be resolved. The damage caused by this exploit over Snapchat’s brand reputation is still a quesiton.

 

Users who are concerned about their privacy might not prefer Snapchat over other social platforms anymore. Nevertheless, the world is filled with naïve Netizens who might prefer the earlier approach adopted by Snapchat itself – ignorance.

Everyone has a unique way of welcoming the New Year. Some just celebrate the occasion to blow up their steam whereas others seem determined about their futuristic goals – hence form resolutions to facilitate their accomplishments.

Hackers on the other hand are accompanied with absolutely bizarre plans to welcome the New Year. There were many hacks acknowledged by the Netizens at the start of this year. I however will talk about only two of them; because, both the incidents I would have one thing in common – the person culpable.

The first victim of this digital predator was Neiman Marcus. Neiman Marcus on 1st of January affirmed the possibility of a hack – possibly victimizing confidentiality of the customers as their credit card information was accessed. Neiman Marcus stated that they were informed by one of the victimized customers during mid of December whose bank statement revealed an unauthorized activity processed via credit card.

We would take all necessary steps to improve our security discrepancies and take every measure possible to track down whoever is responsible, they said. However, Neiman Marcus could not prescribe the source behind the security breach or identify the security loopholes.

Second victim to be highlighted here is Target. Earlier this year, Target encountered a major hack where the debit/credit card information of 40-70 million US customers (some say 110 million) was stolen by a mastermind. The hacker accessed the information of credit/debit card holder that came to shop at Target from November 27th to December 15th.

The information accessed comprises card holder’s names, CVV numbers, card numbers and expiry date of the cards. The authorities along with other concerned personnel couldn’t do anything but to hypothesize the person(s) responsible or the method through which the Target’s security was breached. Meanwhile, the customer had to suffer the consequences as phony cards fabricated on the basis of all accessed information were available in the black market – traded for around $200 per card.

The bizarre phenomenon to be highlighted here is – the day Neiman Marcus affirmed the hack was the same day Target announced victimization of its 40 million customers. Anyways, the wait is finally over. It is time for the curtain raiser. It has been confirmed by a security firm that the mastermind behind the hacks acknowledged by Neiman Marcus and Target is a teenager from Russia.

Yes! A Russian teenager designed a malware that was used to hack both Neiman Marcus and Target. A security firm named IntelCrawler affirmed that the security breach encountered by Neiman Marcus and Target was a malware that infiltrated their security systems. IntelCrawler also said that the malware is known as BlackPOS – and its author is a 17-year-old Russian teenager. However, execution of the plan is a mystery yet to be unveiled.