By Ken Hess / CIO Today. Updated February 12, 2014.
Snapchatters were hit with yet another hack today. The latest exploit of Snapchat's photo and video-sharing app links recipients to snapfroot.com, which then redirects for no apparent reason to a link on Allrecipes.com, featuring a picture and recipe for a "Berry Delicious" smoothie.
Snapchat is reportedly looking into the cause of the smoothie hack and working toward a resolution. The registration of snapfroot.com is hidden by a service known as WhoisGuard located in Panama, making it difficult to reach anyone there for comment.
Series of Troubles
So far, the URL and the redirect appear to be harmless, but this snapfroot hack is just the latest in a recent series of Snapchat flaws and hacks. The popular app, which is best known for the self-destructing nature of its photos and videos, has proven to be popular for exploits, as well.
For example, in January, Snapchat users were surprised to find that more than four million Snapchat usernames and phone numbers were posted by a hacker. Users assume that their "Snaps" and other information are secure and private. Apparently that may not be the case. Many users, including Joe Brown from Wired Magazine, have reported having their Snapchat accounts hacked.
Earlier this week, we reported on another Snapchat vulnerability identified by security researcher Jamie Sanchez. That flaw apparently leaves Snapchat iPhone users susceptible to denial-of-service attacks that can cause the device to freeze and crash.
Our team caught up at the time with Chester Wisniewski, a senior security advisor at Sophos, to get his take on the Snapchat problems. He told us he’s not surprised another Snapchat flaw has been discovered, seeing as the company’s attitude toward security seems to be more reactive than proactive.
User's False Assumptions
Although Snapchat hasn't released any direct demographic user information, its user base is generally considered to be youthful, in the 13 to 25 age range. However, a growing number of "older" users are adopting the service, as well. Snapchat has been proven to be especially popular for users sending sexually-oriented photos, because of its transient nature. The service is designed to make photos "self-destruct" -- meaning they disappear from the recipient's device and from Snapchat's servers, after one to ten seconds.
It's risky business though, and, users need to beware since Snapchat can't guarantee that Snap recipients don't screen-capture your photos before they disappear. In fact, Buzzfeed has reported that Snapchat files can be found by examining iPhone's temporary files.
What To Do About It
If you continue to use Snapchat, you should change your password immediately and change it to something strong. Also, discontinue the use of any third party app or service that requires you to login via Snapchat or that uses your Snapchat username and password.