Source code for what is believed to be a small part of Snapchat’s iOS application was posted on GitHub after being leaked back in May. After being notified, Snap Inc., Snapchat’s parent company, immediately filed a DMCA request to GitHub to get the code removed.
A copy of the request was found by a ‘security researcher’ tweeting from the handle @x0rz, who shared a link to a copy of the request on GitHub:
Snapchat source code leaked? Apparently yes https://t.co/A58TZ28FEK (Snap Inc. DMCA request to GitHub)
— x0rz (@x0rz) August 7, 2018
You can read the DMCA request in full here.
“An iOS update in May exposed a small amount of our source code and we were able to identify the mistake and rectify it immediately… We discovered that some of this code had been posted online and it has been subsequently removed. This did not compromise our application and had no impact on our community.”
A number of posts linked to the GitHub account suggests that the leaker had tried to contact Snapchat but had been ignored. “I will post it again until I get a reply” they said.
— خالد الشهري #الاسطورة (@i5aaaald) August 4, 2018
Leaked Snapchat code is still being traded privately
Although GitHub has taken the repo down, it’s not hard to find people claiming they have a copy of the code that they’re willing to trade:
yeah i got it. DM me.
— Luca #OrkSec (@iSn0we) August 7, 2018
Now the code is out in the wild it will take more than a DMCA request to get things under control. Although it would appear the leaked code isn’t substantial enough to give much away to potential cybercriminals, it’s likely that Snapchat is now working hard to make the changes required to tighten its security.