A hacker published the code, supposedly belonging to the iOS application
Security specialists on computer networks at the International Institute of Cyber Security report that the source code of the popular social networking application Snapchat recently appeared online after a hacker leaked and published it on GitHub, the repository of Microsoft-owned code.
A GitHub account under the name of Khaled Alshehri with the identifier i5xx , which claimed to be from Pakistan, created a GitHub repository called ” Source-Snapchat”describing it as ” Source Code for Snapchat “, in which it published the code of what supposedly it was the Snapchat application for iOS.
According to security experts in computer networks the code would have the potential to expose extremely confidential information of the company, such as the complete design of the messaging application, how the application works and what functions are planned in future updates.
Snapchat’s parent company, Snap Inc., responded to the leak by filing a copyright petition under the Digital Age Copyright Act (DMCA), which helped eliminate the online repository that hosted the source code of the Snapchat application.
Although it is not clear exactly what secret information contained the filtered Snapchat source code, the company’s panic can be noticed in the DMCA request, suggesting that the code published in the i5xx repository was, in effect, the source code of the application.
When consulting for a detailed description of the work protected by copyright that is allegedly infringed, the Snapchat employee in charge of carrying the DMCA request stated that it “is Snapchat’s source code, which was leaked and posted by a user in its GitHub repository. We would appreciate that the publication be eliminated “, is seen in Snapchat’s DMCA request.
Snap Inc. commented to different lines that, as a result of an iOS update implemented in May, a “small amount” of its source code for iOS was exposed. However, Snap Inc. confirmed that the code was subsequently removed and that the event did not compromise its application and had no impact on users.
Hackers threaten to publish the code again
It seems that the online user behind the filtering created the Github account for the sole purpose of sharing Snapchat’s source code since nothing else was published in the account before or after the source code leaked.
Moreover, security specialists in computer networks report a series of posts on Twitter from at least two people (from Pakistan and France) that appear to be behind the i5xx account suggest they tried to contact Snapchat and tried to obtain a reward for reporting errors. But, not getting any response from the company, the account threatened to reload the source code until Snapchat contacted them.
Snapchat’s source code has now been removed from the repository after the DMCA request reached GitHub, and will not be restored unless the original publisher files a legal counterclaim that proves he owns the source code. However, this does not solve the problem completely. Since Snapchat’s source code is still in the hands of outsiders, they could republish it in other online forums, or they could use it to try to get some benefit.
Entusiasta de la seguridad cibernética. Especialista en seguridad de la información, actualmente trabajando como especialista en infraestructura de riesgos e investigador.
Experiencia en procesos de riesgo y control, soporte de auditoría de seguridad, diseño y soporte de COB (continuidad del negocio), gestión de grupos de trabajo y estándares de seguridad de la información.
Envía tips de noticias a info@noticiasseguridad.com o www.instagram.com/iicsorg/.
También puedes encontrarnos en Telegram www.t.me/noticiasciberseguridad