Technology

Hackers strike at Snapchat and Skype

Two separate attacks, one carried out by the Syrian Electronic Army, aim to expose security vulnerabilities

Hacks targeting the two Web applications were carried out by groups calling for tighter security online from governments and private groups.
Scott Olson/Getty Images

Two brazen attacks aimed at the popular Web and mobile applications Snapchat and Skype were carried out Wednesday by separate groups calling for tighter security of information on the Internet.

Computer hackers posted online usernames and partial phone numbers of 4.6 million users of the smartphone photo-sharing service Snapchat, media reports said Wednesday, in what the perpetrators declared was an attempt to expose the vulnerability of users’ data.

A website called SnapchatDB.info made the information available for download, according to the tech news blog TechCrunch. As of Wednesday evening, the site had been suspended.

In a statement to TechCrunch, the hackers at SnapchatDB said they exploited a flaw identified by Gibson Security, and that they were publishing the data to persuade the photo-sharing application to enhance its security.

In their statement to the blog, the hackers said they wanted to highlight the broader issue of flashy site design that they said fails to consider security. 

“Our main goal is to raise public awareness on how reckless many internet companies are with user information,” the hackers told the blog. “It is a secondary goal for them, and that should not be the case. You wouldn’t want to eat at a restaurant that spends millions on decoration, but barely anything on cleanliness.”

It's not clear whether the group behind the Snapchat hack has any larger ideological motivation or affiliation. However, it did tell the tech blog The Verge that it would provide the stolen data in full to those who asked, such as "security researchers from around the world, professors from various universities, private investigators and attorneys." 

While Snapchat has yet to respond to the attack, the company said in a blog post published on Dec. 27 that it had taken precautions to prevent such a breach of security.

Through Snapchat, users can send photos and videos that disappear shortly after being viewed. The Web application has recently surged in popularity, especially among teenagers.

Snapchat drew attention in November when reports emerged that it had turned down a $3 billion acquisition offer from Facebook. The two-year-old company has so far raised more than $123 million in funding.

SEA strikes again

Also Wednesday, the hacker collective known as the Syrian Electronic Army (SEA) appeared to have broken into Skype's social-media accounts, with the stated aim of exposing the video-call service’s vulnerabilities to spy agencies.

"Don't use Microsoft emails (hotmail,outlook),They are monitoring your accounts and selling the data to the governments. More details soon #SEA,” read the Twitter account of the Microsoft-owned Skype on Wednesday morning.

Similar messages were posted on Skype's official Facebook pages and on a blog on its website before being taken down in the late afternoon. The SEA later tweeted out copies of the message "for those who missed it."

Microsoft could not be immediately reached for comment.

The SEA followed its message on Skype’s Twitter account with one on its own: "You can thank Microsoft for monitoring your accounts/emails using this details." It listed Microsoft CEO Steve Ballmer's contact information.

The hacker collective — which backs Syrian President Bashar al-Assad’s regime, currently embroiled in a nearly three-year-long civil war that has claimed at least 100,000 lives — has previously hacked accounts belonging to The New York Times, the BBC, The Associated Press and other media organizations.

The most striking example of the group’s online high jinks came in the form of a tweet posted last year to The Associated Press’ twitter account saying that the White House was under attack and President Barack Obama was injured.

Stock markets plummeted for a brief time before the message was determined to be fake.

The SEA's latest attack appears to be linked to documents released by National Security Agency leaker Edward Snowden, which revealed the PRISM surveillance program.

PRISM is said to give the NSA and FBI spy agencies access to the systems of nine of the world’s top Internet companies including Google, Facebook, Microsoft, Apple, Yahoo and Skype.

The program purportedly allows the NSA to spy on audio and video calls using secret "backdoors." Skype has denied the existence of such access.

Al Jazeera and wire services

Find Al Jazeera America on your TV

Get email updates from Al Jazeera America

Sign up for our weekly newsletter

Get email updates from Al Jazeera America

Sign up for our weekly newsletter