Snapchat vulnerability opens up iPhone users to DoS attacks

By , Feb 7, 2014

snapchat

According to a new report from cyber security researcher Jamie Sanchez, the Snapchat app contains a vulnerability that makes it possible for hackers to launch a denial-of-service (DoS) attack that can temporarily freezes a user’s iPhone.

Sanchez and a fellow research discovered a flaw in the app’s system that allows a hacker to send thousands of messages to a Snapchat user in seconds, which can cause crashes. And often times, these crashes can only be fixed with a reset…

Here’s the report from The LA Times (via MacRumors):

“Jaime Sanchez, who works as a cyber-security consultant for Telefonica, a major telecommunications company in Spain, said he and another researcher found a weakness in Snapchat’s system that allows hackers to send thousands of messages to individual users in a matter of seconds.

Every time a user attempts to send a message through Snapchat, a token, which is a code made up of letters and numbers, is generated to verify their identity. By reusing old tokens, hackers can send massive amounts of messages using powerful computers. This method could be used by spammers to send messages in mass quantities to numerous users, or it could be used to launch a cyber attack on specific individuals.”

This is just the latest security issue that Snapchat has faced in recent months, as the private messaging app continues to grow in popularity. In January, hackers exploited a security hole in the app and leaked over 4.6M usernames and phone numbers.

Sanchez said because Snapchat was warned of the security hole ahead of time, and did nothing, he didn’t bother contacting them about his discovery before going public. The company says it was unaware of the DoS vulnerability, but it’s looking into it.

  • Share:
  • Follow:
  • ✪ aidan harris ✪

    And to think both Facebook and Google wanted to buy them. Snapchat should have sold out while they could. Now everyone can see how insecure their app is nobody will want to buy them and they will eventually become irrelevant…

    • LAGISSUEZ

      Exactly. With all the vulnerabilities I keep reading about and the fact there are people alive that would turn down $3 billion being waved in front of my face is enough for me to just delete that crap. Oh snap!

    • on3simpleclick

      I bet SnapChat’s owners are kicking themselves for not selling.

  • Willie

    In the future, we should just use the vulnerabilities to create a jailbreak through the app

    • Carlos Gomes

      :facepalm:

    • ✪ aidan harris ✪

      That sounds like a great idea, considering sandboxing doesn’t apply to Snapchat.

      /Sarcasm

    • JaeM1llz

      Ya, it doesn’t work like that….

  • Jared Steffen

    Yeah they really need to remake the app to stop all these vulnerabilities but easy fix settings who can snapchat me and only friends (unless your friends really don’t like you) lol

    • Tony Trenkle Jr.

      If they are a “hacker” they can get through that.

      • Jared Steffen

        Ah yeah didn’t think that through all the way

  • Jonathan

    So, is this like exploit number 95 found in Snapchat?
    Burn their servers and save the world please.

  • chris125

    Should have sold when you had that 3 billion offer….