Sophos Cloud Optix
When thousands of Snapchat pictures got published online last week, they were hard to get at for those who went looking.
They were available on The Pirate Bay, but that required downloading a 13GB torrent to look at a mass, unsearchable image dump.
So a 19-year-old who goes by the name of Mudit Grover and who sports a Redditor nickname of massguru (account has been disabled) made it easier, by putting up a website, TheSnappening.org, to host the images.
It wasn’t searchable, but hey, at least you didn’t need to download a flabby torrent like on The Pirate Bay.
Perhaps Grover got spooked – after all, we’re talking about publishing highly illegal, doxxed content that could label those who spread it as child pornographers in the eyes of the law, given the way the Snapchat demographic skews to the underaged.
Or, as he noted in a comment on a Reddit post on Tuesday (since deleted), he just couldn’t keep up with (or afford the server load for) the 5+ million page views he was getting daily.
Either way, he took the site down.
Now, incensed attackers have taken him down.
As Mashable reports, news of TheSnappening.org being shut down had spread through Reddit Nation on Wednesday morning, met by a jeering audience.
One Redditor mocked what Grover had characterized as his good intentions when he had talked to Mashable. Grover had explained the site’s raison d’être this way:
The content is publicly available everywhere on the Internet. Neither I am the only one nor the first one to make a website about that. My purpose was that people should see how vulnerable hosting private information on cloud can be, I do not intend anything wrong.
But the mocking Redditor wanted the blame squarely put back on whoever downloaded the unsafe third-party service – SnapSaved.com – that got squeezed for the photos:
Like it was thesnappening.org's fault that some idiots downloaded an unsafe 3rd party app that posted their pics online. Puh-lease.
This and other gripes were percolating on a subreddit called The Snappening, so-called in reference to “The Fappening”, also known as Celebgate: the multiple releases of celebrities’ explicit photos that began at the start of September.
Besides discussing the theft of what is reportedly nearly 98,000 Snapchat images, Redditors also visit the Snappening subreddit to try to get links to the collection. Or to post links to spam or malicious sites, as the case may be.
(Mashable notes that those malicious links have been quickly taken down, while links to sites hosting the images have not.)
Then again, people who visit The Snappening subreddit have asked for very particular images, in either a creepy stalker way or, who knows? Maybe because they’re trying to protect a buddy. See this case:
A girl from my class has 35 pictures in the leak. Her username was in 35 of the few identified snaps. Dont want to download the 13 GB which may contain CP, but am wondering if anyone that has dowloaded it, can check up her pics for me?
But while Reddit was bubbling with derision, jeering wasn’t enough for some. No, there were others out there who wanted to actually punish Grover for depriving everybody of the chance to gawk at private images.
So within hours of TheSnappening.org coming down, attackers allegedly took over the domain and posted a message identifying themselves as “Team Danny”.
They included Grover’s alleged personal address, as well as his cellphone and home number.
…and in short order bragged about it on Twitter:
.@bkurbs @lorenzoFB http://thesnappening.org / http://thefappening.social - the same guy was behind both. Check them out now :~)
Mashable reached out to Team Danny, who said that the attack was done for laughs following Mashable’s initial report about the site coming down, that it was a “trivial” attack to pull off, and that Grover “deserved it”.
And that the attacker was 13, although we don’t know if that is true or not.
But even if the attacker behind Team Danny isn’t in fact 13, and even if Grover isn’t actually 19, it doesn’t matter: regardless of their true names and ages, this is still a pack of kids armed with keyboards.
At the heart of The Snappening are images, many of them intimate, many of which are potentially of children.
That’s a serious thing. But the internet can be as serious as a playground with children climbing jungle gyms, snatching those photos, looking up little girls’ skirts, running away, laughing, and then throwing dung at each other.
That’s unfortunate for the kids who trusted that Snapchat would really make its images disappear: a promise it’s shown that it can’t keep, whether that’s because images that supposedly disappear in reality don’t go anywhere, or because Snapchat’s been slow to come up with a public API that would enable it to better control the security of the third-party apps that have grown up around it.
At any rate, Mashable reports that Grover apparently got back control of his site, given that it’s no longer showing Team Danny’s message.
Fortunately, neither is it hosting images that could get Grover in trouble, at this point.
Let’s hope that something besides too much traffic caused Grover to take down the images. Common sense or self-preservation, say.
Or how about this for a motivation behind taking down the images: common decency toward people whose privacy has been beaten into the mud.
Given the latest requirements of “free email” accounts and new Twitter accounts to verify that new users are “real people”, and given that ISPs can trace back IP addresses to source, anyone posting or hosting anything illegal is traceable back to the source.
So unless the miscreants are “lucky” (or unlucky!) enough to live in “protected” (give a shit!) countries (Russia, China et al) there is nothing stopping the long arm of the law knocking their door and feeling their collar.
That of course also depends if the Prosecutors are in fact interested in these law breakers, or, like the billion dollar crimes of the Financial Districts over the last 10 years, they define them as “too complex to prosecute”, preferring easier crimes like parking and speeding offenses to justify their existence?
VPN. Enough said.
What happened to the days of trying to learn 6502 so you can write the next cool game for the C64? Why are kids wasting their time and talent on things that will do them no good (other than a white hat sec job for some corporation somewhere which is, I think, antithesis to these guys ideals). For the laughs? Maybe I’m just too old, but I think back on my heros – the McCarthy’s and Greenblatts, the Kotoks and Gospers, and all the other unsung (and sung) heroes of the software revolution. It’s sort of like watching some crappy comedy just to prove that you have dramatic taste.
Never underestimate the likelihood of a big, fat antithesis!
I blame two things for the demise of 6502 programming: these days, there are just too many registers, and too many bits.
The days of trying to learn 6502 have been replaced with the days of learning .Net, Escala, and the TCP/IP network stack, as well as the Steam API and Objective C.
What I mean by that is that there are just as many kids doing cool things with computer software as there were back in the day — the difference is that now that computing tech is a commodity, the kids who were sticking bananas in the tailpipes of cars, throwing rocks through windows of warehouses, tagging everything under the sun, and generally showing disdain for the respect and privacy of others have moved on to wresting control of images and web sites from the unwary.
And now, instead of these people being limited to their own (or surrounding) neighborhoods, they’ve got the entire internet to cherry pick from — the kids that would go along a line of houses in the suburbs rattling doorknobs can now test the security of millions upon millions of web servers and other connected devices.
Remember, even before the days of 6502, you had guys hanging out on obscure telephone loops with their cassette recorders recording supposedly private conversations on the trunk lines, then playing them back for laughs to others on the loop. Some of those guys even went on to form some of the most popular and successful tech companies around today 😉
Note that two of the famous Blue Box phone phreakers ever (let’s give them a pseudonym – we’ll call them TTS, short for “The Two Steves”) based their first successful computer on the 6502.
And their second.
Not to mention Captain Crunch.