Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

Snapchat iPhone App Security Hole Creates DoS Opportunity

Another shot has been fired at the security of a popular photo messaging service that has recently been in the crosshairs of security researchers.

Another shot has been fired at the security of a popular photo messaging service that has recently been in the crosshairs of security researchers.

According to security expert Jaime Sanchez, a flaw in the Snapchat app for iOS could be used to launch a denial-of-service attack and cause the device to crash. The problem, he explained in a blog post, is that the security Snapchat uses for authentication don’t expire.

“I’ve been using for the attack one token created almost one month ago,” he blogged. “So, I’m able to use a custom script I’ve created to send snaps to a list of users from several computers at the same time. That could let an attacker send spam to the 4.6 million leaked account list in less than one hour.”

The list he is referring to is a collection of phone numbers and associated usernames posted online roughly a month ago by hackers taking advantage of an exploit revealed by Gibson Security in December. That particular exploit abused a security hole Gibson Security first notified Snapchat about in August.

To demonstrate his attack, Sanchez launched a denial-of-service attack on the phone of a LA Times reporter and was able to send his account 1,000 messages within five seconds. This caused the device to freeze until the reporter shut it down and restarted the phone.

“All push notifications systems work by having the mobile operating system (iOS in this case) issue an address which app publishers use to specify the delivery of the notification to the device,” he explained. “Apple Push Notification service transports and routes a notification from a given provider to a given device. A notification is a short message consisting of two major pieces of data: the device token and the payload. The device token is analogous to a phone number, and provides the required authentication for Apple to deliver a push message to the intended app.”

“Probably, Snapchat’s application doesn’t handle and control all the request and updates you receive, because of a poor implementation,” he continued. “So when you’re under this kind of attack, it might be crashing the device through the Push Notification System or something worse.”

Launching a denial-of-service attack on Android devices doesn’t cause those smartphones to crash, but it does slow their speed, he added. It also makes the app unusable until the attack has finished.

Snapchat did not respond to a SecurityWeek request for comment before publication. The company however has banned the two accounts Sanchez used for his demonstration. 

Written By

Click to comment

Expert Insights

Related Content

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Mobile & Wireless

South Dakota Gov. Kristi Noem says her personal cell phone was hacked and linked it to the release of documents by the January 6...

Cybercrime

A digital ad fraud scheme dubbed "VastFlux" spoofed over 1,700 apps and peaked at 12 billion ad requests per day before being shut down.

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Application Security

Software maker Adobe on Tuesday released security patches for 29 documented vulnerabilities across multiple enterprise-facing products and warned that hackers could exploit these bugs...