Story image

Hacked Snapchat accounts use native chat feature to spread diet pill spam

07 Oct 2014

In May, Snapchat released an update that put the “chat” into the app by allowing users to send messages. Symantec previously warned that criminals would inevitably leverage this feature in future spam campaigns and since that time, a number of Snapchat users have reported receiving chat messages and photos from their friends promoting diet pill spam.

Symantec has now released an overview of the current situation and advice for users on how they can secure their Snapchat account.

This is not the first campaign of this type we have seen. In February 2014, a number of Snapchat accounts were compromised and used to send images of fruit drinks, promoting websites called FrootSnap and SnapFroot.

The fruit-themed spam messages required users to manually visit the websites, and this extra step presented a challenge. These websites redirected to a site designed to look like Groupon.com, promoting a miracle diet solution called Garcinia Cambogia. The latest round of Snapchat spam has seen spammers leveraging the native chat functionality instead.

The compromised Snapchat accounts send out a photo message of a box of Garcinia Cambogia, which is followed by a chat message that includes a suspicious link containing ‘groupon.com’ in the URL.

A link from someone that isn’t your Snapchat friend is not clickable. However, by compromising Snapchat accounts, spammers are able to insert clickable links into their messages based on who the compromised account is friends with.

Snapchat issued a statement saying that the accounts promoting these miracle diets were compromised. Snapchat said that credentials, obtained through a breach of another website, were reused on Snapchat accounts. Snapchat claims that the reason these accounts were compromised was because certain users reused the same password on multiple websites.

Secure your Snapchat account There is no denying that password reuse is problematic and users should never use the same password for multiple sites; however, passwords by themselves are not enough. Some social networks have introduced two-step verification to help prevent unauthorised login attempts. Until Snapchat implements this feature, userscan change their Snapchat passwords to something stronger and, most importantly, something unique.

To access this blog post, please follow this link: http://www.symantec.com/connect/blogs/hacked-snapchat-accounts-use-native-chat-feature-spread-diet-pill-spam

Apple's AirPods now come with 'Hey Siri' functionality
The new AirPods come with a standard case or a Wireless Charging Case that holds additional charges for more than 24 hours of listening time.
NZ investment funds throw weight against social media giants
A consortium of NZ funds managing assets worth more than $90m are appealing against Facebook, Twitter, and Google following the Christchurch terror attacks.
Poly appoints new A/NZ managing director, Andy Hurt
“We’re excited to be bringing together two established pioneers in audio and video technology to be moving forward and one business – Poly."
NVIDIA announces Jetson Nano: A US$99 tiny, yet mighty AI computer 
“Jetson Nano makes AI more accessible to everyone, and is supported by the same underlying architecture and software that powers the world's supercomputers.”
Unity and NVIDIA announce real-time ray tracing across industries
For situations that demand maximum photorealism and the highest visual fidelity, ray tracing provides reflections and accurate dynamic computations for global lighting.
Slack doubles down on enterprise key management
EKM adds an extra layer of protection so customers can share conversations, files, and data while still meeting their own risk mitigation requirements.
NVIDIA introduces a new breed of high-performance workstations
“Data science is one of the fastest growing fields of computer science and impacts every industry."
Apple says its new iMacs are "pretty freaking powerful"
The company has chosen the tagline “Pretty. Freaking powerful” as the tagline – and it’s not too hard to see why.