Seesaw messaging app hacked to send parents Goatse Meme

Image for article titled School messaging app hacked to spam parents nationwide with Goatse meme [UPDATE]

Photo: Dmytro Tyshchenko (Shutterstock)

An all-time hall of famer NSFW Spam Something happened this week: a hacker broke into a school messaging app to send a photo of a man’s gaping sphincter to parents of young school children across the country.

The episode involved Seesaw, an “interactive learning platform” and messaging app that helps elementary schools communicate with parents and students. Used by districts across the country, Seesaw’s slogan is: “Elevate Learning in Elementary.” From the company website says it has a monthly user base of over 10 million teachers, students, and family members.

Typically, the app is used by teachers and administrators to share lesson plans, school updates, and other important information. But this week, parents across the country started receiving messages featuring something quite different: an image of a man bending over and spreading his buttocks wide. Originally NBC reported the incident, and the motherboard later revealed the nature of the shared image. It is believed the image may have been sent to relatives in states as far afield as ColoradoIllinois, Pennsylvania, MichiganMinnesota, KansasSouth Dakota and New York.

On Wednesday, Seesaw released a short statement confirming that it had been hacked. “It has come to our attention that a link to an inappropriate image was being shared via the Seesaw Messages feature. It appears that specific accounts have been compromised by an outside actor,” the company said. tweeted. After becoming aware of the issue, Seesaw temporarily disabled its messaging feature to stop any further dissemination of the obnoxious image. On Thursday, the feature had been reactivated.

In other updates, Seesaw further clarified that the company itself was not hacked, but that individual user accounts (presumably belonging to teachers or administrators) were compromised via coordinated hacking. credential stuffing offensive. Seesaw said “widely available compromised emails/passwords that were reused across services” were used by hackers to log into specific accounts and send the explicit photo.

It’s unclear exactly who is responsible for this debauched madness, but one thing is certain: Seesaw’s Twitter account has been inundated with complaints from what appear to be angry parents. “It was horrible and I hope you can let all users know how it happened and what steps have been taken to prevent it from happening again,” said an user.

“How are you going to help clear the names of innocent people whose integrity has been tarnished by this?” asked another hilariously.

Another user summed it up nicely: “Butthole pics are sent via a toggle. Don’t open unless you want to see some asshole up close.

The tendency of cybercriminals to hack into schools to share NSFW material is well known. Hackers will typically infiltrate Zoom meetings or school district websites to share porn and other offensive material.

In this particular case, the motherboard reports that the image shared with the parents appears to have been the infamous “Goatse” meme. You do not know what it is ? Here’s a quick reminder.

Goatse is an old man”shock sitewhich was originally launched in 1999; the site just said “hello” and featured an image of an open asshole. Shock sites, which usually feature a single rude image or video, were quite popular in the mid-2000s (see “Meatfor another example). At some point, Goatse became a meme and was widely shared across the internet. The developers of the original site also attempted to turn the image into a cryptocurrency token. In 2017, the website began announcing the launch of a “goatse coin,” although it is unclear if this token actually materialized. The website has flirted with other Web3 projects over the years and seems to have started a NFT collection at one point.

It’s unclear how many people were spammed with the notorious asshole image, so we reached out to Seesaw to try and get more information about the incident. We’ll update this story if they respond.

____________

UPDATE 7:45 PM ET: A Seasaw spokesperson contacted Gizmodo to explain that “less than 0.5% of Seesaw users” were affected by the hacking incident. It could still be… a bit crowded, given the supposed volume of the app’s user base. The spokesperson also provided an updated statement on the incident, which reads, in part:

“Seesaw was the subject of a coordinated credential stuffing attack. Seesaw has not been compromised; however, an isolated number of Seesaw user accounts were compromised in this attack, and only a fraction of them were able to send the inappropriate message before the attack was blocked… We have no evidence to suggest that this attacker performed additional actions or accessed data in Seesaw beyond logging in and sending a message from these compromised accounts. ”

Here’s to you guys.

About Sandra A. Powell

Check Also

Meta sued for tap-dancing around Apple’s new app privacy rules

from private theater department Last year, Apple received wide coverage about how the company was …