Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

Snapchat iPhone App Security Hole Creates DoS Opportunity

Another shot has been fired at the security of a popular photo messaging service that has recently been in the crosshairs of security researchers.

Another shot has been fired at the security of a popular photo messaging service that has recently been in the crosshairs of security researchers.

According to security expert Jaime Sanchez, a flaw in the Snapchat app for iOS could be used to launch a denial-of-service attack and cause the device to crash. The problem, he explained in a blog post, is that the security Snapchat uses for authentication don’t expire.

“I’ve been using for the attack one token created almost one month ago,” he blogged. “So, I’m able to use a custom script I’ve created to send snaps to a list of users from several computers at the same time. That could let an attacker send spam to the 4.6 million leaked account list in less than one hour.”

The list he is referring to is a collection of phone numbers and associated usernames posted online roughly a month ago by hackers taking advantage of an exploit revealed by Gibson Security in December. That particular exploit abused a security hole Gibson Security first notified Snapchat about in August.

To demonstrate his attack, Sanchez launched a denial-of-service attack on the phone of a LA Times reporter and was able to send his account 1,000 messages within five seconds. This caused the device to freeze until the reporter shut it down and restarted the phone.

“All push notifications systems work by having the mobile operating system (iOS in this case) issue an address which app publishers use to specify the delivery of the notification to the device,” he explained. “Apple Push Notification service transports and routes a notification from a given provider to a given device. A notification is a short message consisting of two major pieces of data: the device token and the payload. The device token is analogous to a phone number, and provides the required authentication for Apple to deliver a push message to the intended app.”

“Probably, Snapchat’s application doesn’t handle and control all the request and updates you receive, because of a poor implementation,” he continued. “So when you’re under this kind of attack, it might be crashing the device through the Push Notification System or something worse.”

Launching a denial-of-service attack on Android devices doesn’t cause those smartphones to crash, but it does slow their speed, he added. It also makes the app unusable until the attack has finished.

Advertisement. Scroll to continue reading.

Snapchat did not respond to a SecurityWeek request for comment before publication. The company however has banned the two accounts Sanchez used for his demonstration. 

Written By

Marketing professional with a background in journalism and a focus on IT security.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Karl Triebes has joined Ivanti as Chief Product Officer.

Steven Hernandez has joined USAID as CISO and Deputy CIO.

Data security and privacy firm Protegrity has named Michael Howard as its CEO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.