Exclusive: Snapchat Hackers Friend 4 Million Users [And show their work to the CEO of Snapchat]
Young hackers Ash Bhat and Ankit Ranjan just hacked into Snapchat, and friended 4 million users. After getting their project up and running, they showed it to Evan Spiegel, CEO of Snapchat. We talked to Ranjan, who gave us the whole story.
According to Ranjan, Bhat came into the HackTech hackathon at Caltech thinking “I want to piss off a company”, and because of the user data made available by the recent hacking, they decided to try Snapchat. It wasn’t too surprising that they were successful, given their credentials. Bhat was one of 150 students given a full scholarship to Apple’s exclusive WWDC conference last year, and Ranjan has made over 137 code contributions to Github in the past year, a lot of work considering both of them are still in high school.
How They Hacked Snapchat
First they hacked their way into the private Snapchat API to see how it worked. After looking through the code, Ranjan determined that they could do something fun with it. They soon found a way to post any picture on Snapchat (ordinarily, only pictures taken in the Snapchat app can be used).From there, they set the goal of friending 4.6 million people in one day.
Most ordinary hackers would create a single account, and friend every user from that one account, but Ranjan and his crew are not ordinary hackers. “Unfortunately, that’s extraordinarily inefficient”, Ranjan commented, and also apparently easy to track and shut down. So Ranjan “tracked the way that users use the app”. Using machine learning technology, Ranjan created an algorithm for creating robo-users that behave like actual people.
If you enjoy exclusive articles like this, sign up for our weekly newsletter
But wouldn’t Snapchat notice a bunch of weird, computer generated names? That’s what I wondered, but Ranjan’s team had already found away around it. Using the millions of usernames leaked, they determined a set of commonly used vowel patterns, and created a system for generating names that sounded semi-real. Luckily, unlike on other social networks, many Snapchat usernames are nonsense anyways.
The algorithmic activity of the users meant that the fake users automatically created a web of friends, interacting like real users. If Snapchat wanted to shut these fake users down, they’d run the risk of shutting millions of real users down, and even then, it would be nearly impossible to trace and shut down every fake user the team created.
Finally, after building an army of these fake users, the team set up a computer program to make the robo-accounts friend the 4.6 million leaked snapchat usernames leaked in the early-January hack. Friending 4.6 million users isn’t an easy task, but the team is making quick progress. So far, over a million users have been “friended”
Snapchat Took Notice, and CEO Evan Spiegel stopped by
Hacking one of the biggest apps in the world puts you on the map, and that’s especially true when you do it at what’s billed as the world’s biggest Hackathon, Hacktech.
Once people started learning of their work, someone called Snapchat founder and CEO Evan Spiegel to let him know what had happened. Snapchat happens to be located pretty close to where the Hackathon was taking place, so “after finishing his laundry”(you’d think the CEO of a $4 billion company could hire someone to do that), Spiegel stopped by to check it out.
Given that they’d just hacked this man’s lifeblood, and that Snapchat has hundreds of millions in venture capital backing, the team described the visit as “shit scary”. Their number one fear was that Spiegel would sue them for millions of dollars.
But Spiegel took the hack well, understanding it was in good fun, and trying to understand how their program worked.
He congratulated them on their excellent exploitation of the API, though he commented that he hoped their progam would not work. After meeting with the hackers for a few minutes, he left, but he set up a lunch meeting with them the next day. He wanted the full details of how his baby had been infiltrated.
*Read Also: Mark Cuban on Snapchat*
What do you do after hacking a billion dollar company?
When the fun ends, and they finish their quest of friend requests, what will they do with the hack? Ranjan says they’re considering making the code open source, or simply breaking it down, so that it can’t be exploited in the future.
While they realized that their technology could be worth big bucks to advertisers, they won’t be selling out. “We won’t be using it for marketing”, Ranjan promised.
As for what they’ll be doing. The team behind this plans to meet with Spiegel tomorrow, and they plan to keep hacking. The question is, which big silicon valley firm will be recruiting these young hackers, and when?