Snapchat the Bait; Adware the Delivery

Snapchat is a hugely popular mobile app that combines sharing with privacy, but the service has not been without controversy

Snapchat is a hugely popular mobile app that combines sharing with privacy – once photos have been shared and viewed, they are deleted. But Snapchat has not been without controversy. Although it claims to delete all photos once they have been viewed, researchers have demonstrated that they can still be retrieved from mobile devices. And last month the company admitted that it has been forced, by court order, to hand over undeleted photos to law enforcement. 

"If we receive a search warrant from law enforcement for the contents of Snaps and those Snaps are still on our servers, a federal law called the Electronic Communications Privacy Act (ECPA) obliges us to produce the Snaps to the requesting law enforcement agency," wrote Micah Schaffer, Snapchat's officer of trust and safety. "Since May 2013, about a dozen of the search warrants we’ve received have resulted in us producing unopened Snaps to law enforcement."

Now Snapchat is subject to a new problem over which it has no control. Chris Boyd, a senior threat researcher at ThreatTrack Security, has discovered that the service's name was used as bait, via Bing search engine poisoning/sponsoring, to lead users to adware. When he searched for Snapchat on Bing, the very first result was an ad for Videonechat [dot] com/snapchat. (Bing has now removed the advert.)

"The [linked URL] simultaneously talks about installing Snapchat, while listing the program as 'Dorgem' in small letters in the grey box on the top right hand side," he wrote. "In a nutshell, someone has taken an old and entirely unrelated app and labeled it as Snapchat."

A 'Premium Installer' box pops up. It recommends the 'quick' install for Snapchat while simultaneously saying that doing so implies agreement to the RealPlayer terms and conditions.

"The install offers up a number of ad serving programs, media players and additional software offered up with no relation to Snapchat whatsoever," warns Boyd. "During testing, we saw Realplayer, GreatArcadeHits, Optimizer Pro, Scorpion Saver and Word Overview."

What it didn't install is Snapchat itself. At one point it pretends to install Snapchat (the progress bar says 'Installing Snapchat') but it is actually installing Dorgem. Dorgem is a long-discontinued webcam capturing tool. In fact, the site's description of Dorgem ("Dorgem is a webcam capture application for Windows 9x and up. Any Video for Windows compatible webcam (or other digital camera) is supported.") has been lifted verbatim from the SourceForge 'Dorgem discontinued!' page.

"Legitimate programs being bundled with Adware is a common enough tactic," warns Boyd, "but this is an Optimum Installer bundle where a website serves as clickbait for a deliberately misrepresented app – you most definitely do not get what you’re promised in return for installing numerous pieces of ad-serving software. Don’t fall for this one."
