SNAPCHAT, photo sharing app is the majority choice for variety of users. Recently, the company has faced data breach and Captcha bypass vulnerability, and just yesterday a new denial-of-service attack has been revealed which can crash an iPhone.
Jamie Sanchez, a security researcher has found the app vulnerable, which can enable a hacker to launch a denial-of-service attacks, resulting prompt the user to reset the mobile device.
The flaw into the Snapchat app allows someone to flood a user with thousands of messages in a measure of seconds, "By reusing old tokens, hackers can send massive amounts of messages using powerful computers. This method could be used by spammers to send messages in mass quantities to numerous users, or it could be used to launch a cyber attack on specific individuals" he said.
He demonstrated the vulnerability to LA Times reporter, bombarded his handset with thousands of messages within five seconds in a denial-of-service attack, which caused his iPhone to freeze until it restarted.
Snapchat's Android app is not much vulnerable to this denial-of-service attack, but it impacts on the performance of the phone and leave snapchat app useless until the attack is over. Jamie Sanchez declined to contact Snapchat with his findings as he believes the company has no respect for the cyber security research community after ignoring previous app vulnerability reports.
This is the third time in the past 10 weeks when snapchat has no prior information about the security flaws and reacted immediately after public disclosure of the vulnerability.
Update: Snapchat reacted, "We are working to resolve the issue and will be reaching out to the security researcher who publicized the attack to learn more.".
Update: Snapchat reacted, "We are working to resolve the issue and will be reaching out to the security researcher who publicized the attack to learn more.".