Indian hackers fake data leak in response to CEO Evan Spiegel's comment about India

On April 16, 2017, a group of hackers from India reported that they breached over 1 million Snapchat accounts last year in retaliation to a report in which India was called poor by Snapchat CEO Evan Spiegel. The alleged comment on the Indian financial issues was made in 2015 and reported by ex-employee Anthony Pompliano, who has also signed a lawsuit against Spiegel. It has been reported that the hackers are determined to hinder Snapchat until Spiegel makes an apology.

All started when Evan Spiegel allegedly stated that the Snapchat application "is only for rich people" and that he has no intention of expanding "into poor countries like India and Spain." This comment sparked outrage among Internet users, leading to extremely poor ratings of the Snapdeal app, which is a completely different application from Snapchat. Nevertheless, those users who did not get confused gave the lowest 1-star rating for the application on Snapchat's App Store. On the Google Play store, the Snapchat app has 4 stars, based on over 11 million ratings.

Furious Twitter users started using Twitter tags #Uninstall_Snapchat and #boycottsnapchat to show protest against Snapchat and supported offended Indian users, which is known to be among the top countries downloading Google apps. More specifically, India has become the first on the list presenting Google Play downloads, surpassing the US. Some sources suggest that Snapchat had about 4 million users in India last year, which proves the statement that the app is for everyone around the world.

As to Snapchat's security flaws, this alleged report on a data leak is a first-time-incident after an attacker abused a Snapchat address book API. In 2014, over 4.6 million phone numbers and user names were leaked by a group whose goal was to raise awareness about the security of the app. The data was partially edited in order to prevent spam and abuse. A person could download the database leaked and find phone numbers associated with Facebook and Twitter. The data breach affected users in North America, but it also turned out that only one fourth of the area codes in the United States were present in the database. The website containing the stolen data was soon shut down (within 24 hours), but users could still find out whether their phone numbers were leaked. Snapchat conceded the breach in theory and claimed that they were implementing various measures to prevent further breaches.

Many news sites started reporting the alleged claim about a new data leak that supposedly took place in April, but only a few decided to take a greater look at the claims. The alleged hackers stated that they had published stolen information on the Dark Web, also known as darknet. One of the analyses revealed that some user data is stored on Ghostbin, which is an open source text storage website available on the deep web. Content on such websites is not indexed by standard search engines, which means that the leaked data cannot be accessed in a regular way known to the majority of Internet users. The investigation has revealed that the dataset contains over 4,000 rows of entries with user names and phone numbers with two last digits blurred out. The entries present users based only in the United States. Importantly, the number of entries is significantly smaller than the one reported by the hackers.

Rojan Rijal, a security enthusiastic, also got motivated to have a look at this issue when one person raised concerned about the data leaked in 2014. Phone number from the dataset leaked in 2014 was searched in the dataset published this year at ghostbin.com, and the numbers matched. Moreover, the SQL torrent (file used by database products) of the previous leak was found, and it turned out that the file contained the data posted this year. As result, the hackers did not compromise Snapchat's data but only repurposed it to create a havoc, which has also caused a great backlash as the facts show.

The Indian hackers remain anonymous, and CEO Evan Spiegal disputes the claim that he has made the comment discussed. Snap Inc also remains silent and has not announced any statement regarding the breach.