Source Code of Snapchat leaked on Github.
The source code of the popular social media app Snapchat was recently surfaced online after a hacker leaked and posted it on the Microsoft-owned code repository GitHub.
A GitHub account under the name Khaled Alshehri with the handle i5xx, who claimed to be from Pakistan, created a GitHub repository called Source-Snapchat with a description “Source Code for SnapChat,” publishing the code of what purported to be Snapchat’s iOS app.
The leaked source code could potentially expose the company’s extremely confidential information. It can either expose the entire design of the hugely-successful messaging app or how the app works and what will be its future enhancements.
The parent company of Snapchat responded to the leaked source code by filing a copyright act request under the Digital Millennium Copyright Act (DMCA). Thereby, helping it takedown the online repository hosting the Snapchat source code.
SnapChat Hack: Github Took Down Repository After DMCA Notice
Although precisely unclear about what secret information the leaked SnapChat source code contained, the company’s panic can be seen in the DMCA request (written in all-caps). Also, it suggests the contents of the repository were legitimate.
“I AM AT SNAP INC., OWNER OF THE LEAKED SOURCE CODE,” a reply from a Snap employee, whose name is redacted, on the DMCA notice reads.
Upon asking “Please provide a detailed description of the original copyrighted work that has allegedly been infringed. If possible, include a URL to where it is posted online,” the Snap employee responded:
“SNAPCHAT SOURCE CODE. IT WAS LEAKED AND A USER HAS PUT IT IN THIS GITHUB REPO. THERE IS NO URL TO POINT TO BECAUSE of SNAP INC. DOESN’T PUBLISH IT PUBLICLY.”
“WE WOULD APPRECIATE YOU TAKE DOWN THE WHOLE THING.”
Snap told several online news outlets that an iOS update in May exposed a “small amount” of its iOS source code.
Although the company identified and rectified the mistake immediately, it discovered that some of the exposed source code had been posted online.
However, Snap did confirm that the code has been subsequently removed and that the event did not compromise its application and had no impact on its community.
Pakistani Hacker Threatens to Re-Upload The Source Code
It appears that the online user behind the source code leak created the Github account. Also, there was a sole purpose of sharing the source code as nothing else was posted on the account before or after the Snapchat leak.
Moreover, some posts on Twitter by at least two individuals (one based in Pakistan and another in France) who appear to be behind the i5xx GitHub account. It suggests that they tried contacting Snapchat about the source code and expecting a bug bounty reward.
But when they did not get any response from the company, the account threatened to re-upload the source code until they get a reply from Snapchat.
The Snapchat source code has now been taken down by GitHub after the DMCA request. It will not be restored unless the original publisher comes up with a legal counterclaim proving he/she is the owner of the source code.
However, this does not rectify the issue completely. Since the Snapchat source code is still in the hands of outsiders, they could re-publish it on other online forums or could use it for individual profit.