Team Snapchat has released a statement in their blog in response to the public release of security exploit and API by Gibson Security researchers, as the result of ignorance from the Snapchat team since last August.
Snapchat said that it has already added the “counter-measures” to prevent hacks such as the potential stalking of users via matching usernames to phone numbers and these hacks could also expose those user accounts to spam.
The “Disappearing messenger” downplayed the Gibson Security as it kept on doing since last August. The white-hat security researches shouldn’t be done this, instead, it should have to wait for an attack to publicize the matter about the “point-of-contact” since last August.
Snapchat said in the statement,
“Theoretically, if someone were able upload a huge set of phone numbers, like every number in an area code, or every possible number in the U.S., they could create a database of the results and match usernames to phone numbers that way.”
Rob Enderle, principal analyst at Enderle Group said,
“Gibson should probably have waited until someone had launched an attack on Snapchat, then told the world they had warned the company and it was negligent.”
However, this is not the first time, this growing mobile messenger (along with Whatsapp) facing the security issues. There were many reports has been published earlier since 2012 regarding the vulnerabilities such as posts at adam caudill’s blog, kivikakk.ee and Nick’s cleveryou.net.