Snapchat flaw can be used to remotely crash one iPhone or spam millions

Snapchat flaw can be used to remotely crash one iPhone or spam millions

Summary: Snapchat bug could lead to mass spam campaign or denial of service attacks on any iPhone.

SHARE:
TOPICS: Security
3

Snapchat's security issues are drawing attention once again, this time over a flaw that could let an attacker flood an iPhone with messages and cause it to crash.

A simple error in the way the Snapchat app for iOS devices handles security tokens makes the Apple mobiles vulnerable to a denial of service attack that can cause it to crash, according to security researcher Jaime Sanchez.

Sanchez detailed his findings in a blog over the weekend, explaining the root cause is that Snapchat's security tokens don't expire. As Sanchez explains, new Snapchat tokens are generated to authenticate a user's identity each time they send a new message or update their contact list.

But because the tokens don't expire, they can be re-used multiple times — either to send out spam from multiple devices to Snapchat users or to direct a load of requests at one target device.

"I'm able to use a custom script I've created to send snaps to a list of users from several computers at the same time. That could let an attacker send spam to the 4.6 million leaked account list in less then one hour," he wrote.

"The other problem is that any attacker could just send all the snaps to one user only, as a Denial of Service attack."

The researcher demonstrated the attack to the LA Times last week, showing how he could use his account to send 1,000 messages to a reporter's phone within five seconds, which caused the device to hang until it shut down.

Sanchez told the paper he reported the flaw publicly before alerting Snapchat to its existence because the US startup didn't respect the work of security researchers — a claim that was made by the Australian researchers who found the flaw that led to its leak of 4.6 million user details.

Snapchat has blocked the accounts Sanchez used to demonstrate the attacks.

ZDNet has asked Snapchat whether it's fixing the issue and will update the story if it receives one. 

More on Snapchat

Topic: Security

Liam Tung

About Liam Tung

Liam Tung is an Australian business technology journalist living a few too many Swedish miles north of Stockholm for his liking. He gained a bachelors degree in economics and arts (cultural studies) at Sydney's Macquarie University, but hacked (without Norse or malicious code for that matter) his way into a career as an enterprise tech, security and telecommunications journalist with ZDNet Australia. These days Liam is a full time freelance technology journalist who writes for several publications.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

3 comments
Log in or register to join the discussion
  • Can't trust Apps on security or privacy

    I think Apps will kill themselves because the developers rush to throw them together and don't seem to worry much about security or privacy. Snapchat is just another web business model that does not seem to have any legs to survive.
    JohnnyES-25227553276394558534412264934521
  • This will lead to increased market fragmentation

    It's unclear whether these security flaws will result in mass migration -probably not- but this will further fragment the user base. My response to this article here: http://bit.ly/1eJFMnE
    raulcastanon
  • The typical users of Snapchat won't care.

    Teenagers and horndogs could care less, unless they get caught by parents or significant others.
    Champ_Kind