Skip to main content

Multiple third-party Snapchat apps are leaking your account data

Multiple third-party Snapchat apps are leaking your account data:

Snapchat

If you’re using a third-party Snapchat app, it’s time to delete it. Change the password to your Snapchat account while you’re at it.

Will Strafach of Sudo Security Group, a company that researches security vulnerabilities in apps, came across numerous third-party Snapchat apps ignoring modern security conventions by sending user data over insecure connections.

The apps tested were on iOS, but that’s not to say that Android apps are immune, just that they weren’t included in the test.

The first offending app was Snapix. When a user enters their Snapchat login details into Snapix, the app transmits this data, in plain text, over a non-secure connection. Worse, it stores this data on its own server as well. There’s no legitimate reason a third-party app would need to store login information on its own server, but that’s not stopping Snapix.

Snapix may have been the most egregious offender, but it was by no means the only third-party Snapchat app with severe vulnerabilities. Two other applications, Quick Upload and SnapBox were also guilty of sending secure data in plaintext over an insecure connection.

Strafach only tested a few apps for these vulnerabilities, so this shouldn’t be interpreted as an exhaustive list. In fact, it’s generally better to avoid third-party applications that extend the functionality of social networks entirely as Snapchat itself warned in this blog post after a 2014 leak that saw thousands of videos and images leaked.

“When you give your login credentials to a third-party application,” Snapchat representatives said, “you’re allowing a developer, and possibly a criminal, to access your account information and send information on your behalf.”

➤ [Verify.ly via 9 to 5 Mac]








(Via The Next Web » Apps)

Comments

Popular posts from this blog

Apple will disconnect ‘obsolete’ first-gen Apple TV from iTunes in May

Apple has announced today it will drop iTunes support for some older devices from May 25. This includes the first generation Apple TV, and also any PC running Windows XP or Vista. The company is introducing new security changes which will prevent those devices from using the latest version of iTunes.
Apple says that the original Apple TV is an "obsolete Apple product" and will not be updated to support security changes. Only those with the second generation of Apple TV or later will be able to access the iTunes store.
Windows XP or Vista users won't be able to use the latest version of iTunes, but older Windows computers can still use previous versions without support from Apple. Those who do so, however, won't be able to make new purchases or re-download previous purchases on that computer. If you're on on XP or Vista, you'll need to upgrade to Windows 7 or later to continue using iTunes normally.
The writing was already on the wall for these devices: Wi…

Microsoft Reportedly Replacing Outlook.com With Office 365

Microsoft might be thinking about replacing the technology and user interface of Outlook.com with Office 365 if a new report is to be believed. Apparently the company will be migrating all Outlook.com users to Office 365 at some point later this year. Office 365 brings other services as well which include Outlook Web Access. The question that surely must be on everyone’s mind is that why is Microsoft doing this? According to The Verge the reason behind this migration is to make sure that Microsoft Outlook, Exchange and Office 365 platforms are perfectly aligned. In favor of keeping things consistent Microsoft is going to go ahead and add the consumer Outlook.com to the mix as well. There has been speculation previously about impending major user interface changes for Outlook.com, Microsoft’s general manager of Office Apps Rob Lefferts suspected that much. It’s worth nothing that Microsoft hasn’t updated its consumer email service for quite a few months and it even showed the door to G…

Windows 10: Microsoft retires HomeGroup

Microsoft plans to remove the HomeGroup functionality from its Windows 10 operating system. The company made the first step towards that goal in the most recent Insider Preview version of Windows 10 as it disabled it in that build.
In "a note about HomeGroup" in the release announcement of the Windows 10 Insider Build, Microsoft confirms that HomeGroup will be retired.
The company introduced HomeGroup in Windows 7 as a new option for home users to access printers, files, and media in home networks. The core idea was to assign all devices to a single HomeGroup to share access to files and printers between all devices.
It is unclear how popular the feature was and is. It is clear however that it was never the only option that Windows users had in this regard, and it was not the best either for certain use cases. You could not add Mac OS X or Linux devices to a HomeGroup for instance.
The end of HomeGroup
Easily connecting to and sharing the important pieces of your digi…