Science and Tech

Actions

Hackers Can Use Snapchat To Disable, Crash Phone

A security researcher has discovered a flaw within Snapchat\'s app that could allow an attacker to disable or crash a phone.
Posted at 5:00 PM, Feb 08, 2014

Snapchat's had a rough streak when it comes to security concerns, and this latest report doesn't really help its case.

Security researcher Jaime Sánchez has discovered a vulnerability within the app that allows an attacker to send thousands of Snapchat messages within seconds, causing the phone to stall or crash. (Via YouTube / Jaime Sánchez)

According to Sánchez's security blog, which details the attack, a small piece of data called a security token is used to identify a Snapchat user. Each time a snap is sent, a token is created. 

With most apps and services, these tokens expire after use, but Snapchat's tokens do not. Sánchez was able to use these expired tokens to send thousands of snaps.

A writer for Gizmodo says the attack affects Android and Apple devices differently. As you saw, the iPhone crashed and rebooted. Android devices slow to a crawl and the Snapchat app freezes.

The Los Angeles Times reports Sánchez doesn't plan to contact the company, "because he claims the Los Angeles startup has no respect for the cyber security research community."

And he shared this tweet on Saturday: "My two accounts and IPs involved in the research of the Snapchat DoS has been banned. That's their countermeasure..." (Via Twitter / segofensiva)