Man Tricked Hundreds of Women into Handing Over Snapchat Security Codes
Man Tricked Hundreds of Women into Handing Over Snapchat Security Codes đ¨
Last week, 27-year-old Kyle Svara from Oswego, Illinois, admitted to hacking womenâs Snapchat accounts across the US. Between May 2020 and February 2021, Svara harvested account security codes from 571 victims, leading to confirmed unauthorized access to at least 59 accounts. Rather than attempting to break Snapchatâs robust encryption protocols, Svara targeted the account owners themselves with social engineering.
After gathering phone numbers and email addresses, he triggered Snapchatâs legitimate login process, which sent six-digit security codes directly to victimsâ devices. Posing as Snapchat support, he sent more than 4,500 anonymous messages via a VoIP texting service, claiming the codes were needed to âverifyâ or âsecureâ the account.
Svara showed particular interest in Snapchatâs My Eyes Only featureâa secondary four-digit PIN meant to protect a userâs most sensitive content. By persuading victims to share both codes, he bypassed two layers of security without touching a single line of code. He walked away with private material, including nude images. Svara didnât do this solely for his own kicks; he marketed himself as a hacker-for-hire, advertising on platforms like Reddit and offering access to specific accounts in exchange for money or trades. Selling his services to others was how he got found out.
Although Svara stopped hacking in early 2021, his legal day of reckoning followed the 2024 sentencing of one of his customers: Steve Waithe, a former track and field coach who worked at several high-profile universities including Northeastern. Waithe paid Svara to target student athletes he was supposed to mentor. Svara also went after women in his home area of Plainfield, Illinois, and as far away as Colby College in Maine.
He now faces charges including identity theft, wire fraud, computer fraud, and making false statements to law enforcement about child sex abuse material. Sentencing is scheduled for May 18.
To protect your Snapchat account, never send someone your login details or secret codes, even if you think you know them. Passkeys let you sign in without a password, but unlike multi-factor authentication, passkeys are cryptographically tied to your device and canât be phished or forwarded like one-time codes. Snapchat supports them, and they offer stronger protection than traditional multi-factor authentication, which is increasingly susceptible to smart phishing attacks.