A new Snapchat vulnerability published by Spanish security researcher Jamie Sanchez gives hackers the potential to crash your phone by overloading it with messages, a variation on the classic denial-of-service attack used to bring down many a website in the past.
If you’re on an iPhone, Snapchat freezes and crashes, forcing users to restart. If you’re using Snapchat on an Android device, the app will become much slower, though it won’t completely crash. Hardly the end of the world then, but nevertheless something Snapchat needs to address.
“We are working to resolve the issue and will be reaching out to the security researcher who publicized the attack to learn more,” runs the official Snapchat response to the claims as reported by TechCrunch. Sanchez took his findings to the LA Times before Snapchat because the feels the mobile app team “has no respect for the cyber security research community.”
You may remember that Snapchat had to roll out a fix at the start of the year after information about millions of its users was posted online. This hack came as a result of another loophole reported to Snapchat by independent security researchers. The app has also recently implemented a new feature to make it more difficult for spambots to use the service, though its effectiveness has been called into question.
Head over to the LA Times site to see a video of the new attack in action. It exploits a weakness in Snapchat’s platform that allows thousands of messages to be sent in the space of just a few seconds — old verification tokens (employed to authorize genuine messages) are reused over and over again in order to fool Snapchat’s protection systems. The ploy could be used to send out thousands of spam messages to different users as well as targeting one particular individual.