Part of the source code of Snapchat was leaked and made public on GitHub. Apparently, an iOS update in May exposed a small amount of the app’s source code. However, Snapchat was able to identify the mistake and rectify it immediately, as explained by a Snap spokesperson in a conversation with Motherboard. So, what happened?
Snapchat Source Code for iOS Leaked
The source code belongs to the frontend of Snapchat for iOS, and has been confirmed as genuine by Snap Inc. The company is asking GitHub to remove the leaked code via a DMCA request (Digital Millennium Copyright Act request).
When such a request is filed, GitHub is requiring the user to provide a detailed description of the original copyrighted work. A Snap representative has confirmed the legitimacy of the source code and has shared that “it was leaked and a user has put it in this GitHub repo”:
**Please provide a detailed description of the original copyrighted work that has allegedly been infringed. If possible, include a URL to where it is posted online.**
SNAPCHAT SOURCE CODE. IT WAS LEAKED AND A USER HAS PUT IT IN THIS GITHUB REPO. THERE IS NO URL TO POINT TO BECAUSE SNAP INC. DOESN’T PUBLISH IT PUBLICLY.
How Did the Snapchat Leak Happen?
Snapchat says that the leak is triggered by an iOS update that took place in May. The update exposed a small amount of the app’s source code, with no further impact on the application or its users.
Twitter messages reveal that the hackers are expecting a reward from the company for exposing the vulnerability that enabled the leak. These attempts however look more like extortion rather than actual bug reporting.
DailyMail reported that one user is behind the leak, and he is known as ‘i5xx’. This person claims to be from the small Pakistani village of Tando Bago. Furthermore, it’s also highly likely that the particular GitHub account was created only for the purpose of sharing the Snapchat code, as nothing else was shared by this user prior to the leak.
As noted by Motherboard, one of the GitHub repos previously hosting the Snapchat code now says “We have disabled public access to the repository“. But judging from some Twitter conversations, it appears that hackers are trading the data privately.