Skip to main content

Snapchat security blunder puts iPhones at risk

In the latest Snapchat security snafu, a new report indicates that the iOS version of the popular messaging app is susceptible to denial-of-service attacks that can freeze or crash a user's phone.

Spanish security researcher Jaime Sanchezdetailed the flaw in a blog post, explaining that he was able to send 1,000 messages in five seconds to a reporter's iPhone, which caused the device to freeze, requiring a reboot.

How? According to Sanchez, the Snapchat app uses tokens to authenticate users rather than passwords. "A token is created any time you make a request to Snapchat to update your contact list, add someone, send a snap etc." he wrote. "The problem is that tokens doesn't expire. I've been using for the attack one token create[d] almost one month ago. So, I'm able to use a custom script I've created to send snaps to a list of users from several computers at the same time. That could let an attacker send spam to the 4.6 million leaked account list in less then one hour."

Or, as Sanchez demonstrated, the attacker could target one user, sending all the snaps to one device in a denial of service (DoS) attack. Sanchez suggests that the flaw is a product of Snapchat's poor control over push notification requests.

Apple iPhone owners appear to be at highest risk. Android devices, however, are not likely to crash, but will run at noticeably slower speeds.

Those Snapchatters who have the app set to friends-only should be spared, as long as the attacker is not a member of their friends list.

This latest glitch comes after the usernames and phone numbers for 4.6 million account holders were temporarily posted online by hackers who took advantage of a vulnerability that was previously disclosed by Gibson Security. A few weeks later, Snapchat rolled out a ghost-themed verification process for new users.

Snapchat did not immediately respond to our request for comment, but it told TechCrunch that it is working on a fix. But the company got into a bit of a spat with Sanchez on Twitter, chastising him for not reporting the bug before making it public. Sanchez responded that Snapchat "didn't deserve a responsible disclosure after your attitude with Gibson's report."