Slashdot Mirror

← Back to Stories (view on slashdot.org)

Phishing Attack Scores Credentials For More Than 50,000 Snapchat Users (theverge.com)

Posted by BeauHD on from the not-what-it-appears dept.

An anonymous reader quotes an exclusive report from The Verge: In late July, Snap's director of engineering emailed the company's team in response to an unfolding privacy threat. A government official from Dorset in the United Kingdom had provided Snap with information about a recent attack on the company's users: a publicly available list, embedded in a phishing website named klkviral.org, that listed 55,851 Snapchat accounts, along with their usernames and passwords. The attack appeared to be connected to a previous incident that the company believed to have been coordinated from the Dominican Republic, according to emails obtained by The Verge. Not all of the account credentials were valid, and Snap had reset the majority of the accounts following the initial attack. But for some period of time, thousands of Snapchat account credentials were available on a public website. According to a person familiar with the matter, the attack relied on a link sent to users through a compromised account that, when clicked, opened a website designed to mimic the Snapchat login screen.

11 comments

  1. Oh the horror! by Anonymous Coward · · Score: 0

    A bunch of 13 year old girls had their accounts broken into! Now all their friends are gonna find out how much they 'heart' Justin Bieber and the boy that sits next to them in math.

    Need to get the EFF BEE EYE on this!

    1. Re:Oh the horror! by Anonymous Coward · · Score: 0

      The FBI is far too busy investigating serious crimes, like memeing while Russian.

  2. Rotate The Shield Frequencies! by Templer421 · · Score: 1

    You Shall Be Assimilated! RESISTANCE IS FUTILE!

  3. Phishing by Anonymous Coward · · Score: 0

    No collusion my lilly white ass. trump will hang.

  4. Finally! by YrWrstNtmr · · Score: 1

    A multi thousand user breach I'm not part of.

    1. Re:Finally! by Anonymous Coward · · Score: 0

      The title of this Slashdot article should have been: "Millennial idiots hacked"

    2. Re:Finally! by Anonymous Coward · · Score: 0

      I went to try to refute you by looking up how many old people fall for the fake Microsoft scam calls. Turns out that's also something that 25 - 34 year olds are the most common victims. God damnit millennials. Why are so many of us broken idiots (myself included)? What went wrong?

  5. You all don't understand do you? by Anonymous Coward · · Score: 0

    It was an IQ test. It proved 50k app crap users are stupid. Good sampleset to infer craps users are stupid. Anti-Trump trolls are proof.

  6. millennial IQ test that 55k failed by Anonymous Coward · · Score: 0

    Who cares. Is a fucking millennial penis pics trading app. They get what they deserve

  7. WordPress by Anonymous Coward · · Score: 0

    I was actually researching this website when I was sent this phishing attack.

    They used an outdated version of WordPress, and I used some exploits available online and was able to break in.

    Didn't reveal much though.

  8. Today's attack not stopped by APK by Anonymous Coward · · Score: 0

    And here it looks like we have today's news of an attack not stopped by APK's work. I'm sure he is frantically trying to find an entry in someone's hosts file that would stop this so he can say his work does something long after the attack happened. Too bad it will require manual intervention to block and still didn't prevent the initial attack. He will then call people fake names, ne'er-do-wells, Soros puppets, and do nothings because someone made fun of him and made him look bad. This is also why there aren't any mirrors in APK's house as they make him look bad.