Snapchat vulnerability opens up iPhone users to DoS attacks


According to a new report from cyber security researcher Jamie Sanchez, the Snapchat app contains a vulnerability that makes it possible for hackers to launch a denial-of-service (DoS) attack that can temporarily freezes a user’s iPhone.

Sanchez and a fellow research discovered a flaw in the app’s system that allows a hacker to send thousands of messages to a Snapchat user in seconds, which can cause crashes. And often times, these crashes can only be fixed with a reset…

Here’s the report from The LA Times (via MacRumors):

“Jaime Sanchez, who works as a cyber-security consultant for Telefonica, a major telecommunications company in Spain, said he and another researcher found a weakness in Snapchat’s system that allows hackers to send thousands of messages to individual users in a matter of seconds.

Every time a user attempts to send a message through Snapchat, a token, which is a code made up of letters and numbers, is generated to verify their identity. By reusing old tokens, hackers can send massive amounts of messages using powerful computers. This method could be used by spammers to send messages in mass quantities to numerous users, or it could be used to launch a cyber attack on specific individuals.”

This is just the latest security issue that Snapchat has faced in recent months, as the private messaging app continues to grow in popularity. In January, hackers exploited a security hole in the app and leaked over 4.6M usernames and phone numbers.

Sanchez said because Snapchat was warned of the security hole ahead of time, and did nothing, he didn’t bother contacting them about his discovery before going public. The company says it was unaware of the DoS vulnerability, but it’s looking into it.