Snapchat’s security troubles continue as a security researcher has managed to hack its account registration CAPTCHA system with a program of less than 100 lines that took 30 minutes to develop.
Steve Hickson, a computer engineer by education, wrote a small computer program with very little effort that identifies Snapchat’s ghost from the given set of images. Hickson equates Snapchat’s ghost very particular and calls it a template that can be matched easily using a computer program.
Hickson used a combination of Open Source Computer Vision Library (OpenCV), SURF points and FLANN matching “with a uniqueness test to determine that multiple keypoints in the training image weren’t being singularly matched in the testing image.”
Hickson has detailed the basics of the logic he implemented to develop the program through a blog post. “With very little effort, my code was able to “find the ghost” in the above example with 100% accuracy”, noted Hickson.
On new year’s eve Snapchat was hacked and a partially redacted database of over 4.6 million users was leaked online. The photo messaging app company updated its app nine days after the breach and issued an apology for the breach.