The Hacker News Logo
Subscribe to Newsletter

Snapchat's new Security feature Hacked in 30 Minutes; CAPTCHA Cracking tool published

Snapchat's new Security feature Hacked in 30 Minutes; CAPTCHA Cracking tool published
Snapchat suffered a massive data breach back in December in which 4.6 million usernames and phone numbers were compromised.

Earlier this month, the company launched an update to its iOS and Android apps, added a new security measure to ensure that new users aren't spambots or a robot. While signing up for the first time, it now displays nine images and then ask you to pick which images have a “ghost”.

Within 24 hours of Snapchat releasing an improved security feature, a developer has written a computer program capable of cracking it.

Another hacker, 'Steven Hickson' took only 30 minutes to write a script that can crack this new security feature. In this CAPTCHA feature, basically have you choose from amongst a bunch of images, identifying the ones that have the Snapchat ghost to prove you are a person.
"The problem with this is that the Snapchat ghost is very particular. You could even call it a template. For those of you familiar with template matching (what they are asking you to do to verify your humanity), it is one of the easier tasks in computer vision."
He wrote a script that can map out the exact shape of the Snapchat by matching it with the templates. Basically, he took an image of Snapchat's logo, then built a program that can identify certain points on the logo and match them to the images in the test.
He was able to effectively bypass Snapchat's test with 100 percent accuracy. "There is a ton of ways to do this using computer vision, all of them quick and effective. It's a numbers game with computers and Snapchat's verification system is losing."

He has also published the source code of cracker on the GitHub.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.