New Snapchat Hack Found by Researcher, So Snapchat Bans Researcher's Account
In recent months, young social media service, Snapchat, has been at the center of security scandals. Jaime Sanchez, a Spanish cyber security consultant for Telefónica, has just uncovered a new cyber security problem with Snapchat -- one that can crash your iPhone.
Snapchat is a relatively new service that is popular with teens and young adults, which allows users to send each other photo and video messages with overlaid text. The service's unique point is the fleeting nature of these social interactions: the messages disappear just a few seconds after the recipient opens them up, and the sender can decide how long the recipient can see the message.
The social media upstart has had some rocky times recently though, with security flaws being pointed out by independent researchers that Snapchat in turn pushed aside or ignored, until it was too late. Now another flaw has been found, once again bringing up the question of how Snapchat will respond.
A New Snapchat Hack
Computer security consultant Jaime Sanchez and a research partner found a new weakness in Snapchat's messaging system that allows a user to send thousands of messages to a single individual in just a few seconds, overwhelming the user's smartphone and causing it to freeze and crash. It's essentially an undistributed denial of service attack (DoS) that chokes a Snapchatter's account with spam, taking advantage of a flaw in Snapchat's coding.
Sanchez, who works for Spanish and Latin American telecom giant Telefónica, did the research in his spare time, and published his results in Spanish and English on his blog.
The problem for Snapchat is that each message sent on the network comes with a token -- a piece of code for each message, much like a phone number, that confirms users' identities. Snapchat, however, has a flaw that Sanchez discovered, which allows savvy manipulators to reuse tokens from old messages to send new ones. By reusing tokens, a hacker can send out mass spam messages or target one single user and flood their phone with thousands of messages.
He demonstrated the DoS attack principle with a journalist from the L.A. Times, whom he contacted to get the message out about the new Snapchat flaw. Sanchez wrote in his blog, "To conduct the proof of concept I only used two account [sic] I registered, from and [sic] iPhone and an Android phone. I haven't used it against any user. Well, I only used it to show the attack to the LA Times reporter : )."
Sanchez demonstrated the Snapchat DoS attack by sending 1,000 messages to the L.A. Times' reporter's account within five seconds, causing the reporter's iPhone to freeze and necessitating a hard reboot. On Android devices, Sanchez reports that it doesn't crash the smartphone, but does make it impossible to use the app until the DoS attack has finished. Here's Sanchez's demonstration video:
Snapchat's Groundhog Day?
Snapchat received a lot of criticism after a flaw in its friend-finding feature was discovered that allowed hackers to expose the account information of potentially millions of Snapchatters. Knowing of the flaw, Snapchat ignored calls for amending the feature until a hacker group exposed the user names and phone numbers of nearly 5 million users.
According to Sanchez, he didn't contact Snapchat because of the company's reputation for ignoring cyber security warnings and showing little respect for researchers. But Sanchez said that Snapchat knows about the security flaw, and has reportedly said in the press they would contact him. He says he never got an email.
Instead, Sanchez claims Snapchat decided to "solve" the problem in a different way: "Do you know what's the security countermeasure they've chosen for solving it?" said Sanchez, referring to the DoS vulnerability he found and tested. "They've banned my two testing accounts and the VPN's IP I used to launch the proof of concept attack and the research..."
Sanchez provides a screenshot of his banned accounts on his blog, but Snapchat hasn't confirmed if they banned it or not -- or if they were taking steps to address the issue. But given their purported response so far, this could be another Snapchat security scandal in the making.