Snapchat users are now more vulnerable than ever according to security researchers.
Telefónica employee and cyber-security researcher Jaime Sanchez has discovered a method to cause denial-of-service (DoS) attacks via the popular photo sharing application. Hackers can exploit this and send thousands of messages to users within seconds, causing the victim’s phone to crash.
The cyber-security consultant said tokens are generated every time a user sends a photo or a video. The flaw within the app would allow these tokens to be regenerated, causing a DoS attack if enough messages are sent. This could then be used by spammers to send messages in mass quantities to numerous users, or for cyber-attacks on desired individuals.
The research concluded iPhones were more prone to attacks, crashing immediately after a DoS attack via the app. Meanwhile, Android users could experience a reduced performance on their device rather than a crashed phone.
Sanchez has since failed to report the vulnerability to the company, citing Snapchat's poor cooperation with security researchers. He claims the company could have avoided the database breach, but instead released an update for the app well after the breach occurred.
“They (researchers) warned Snapchat about issues - about the possible dump of database - and Snapchat didn't care.”
Snapchat is a photo messaging application which allows users to send photos, videos and drawings for a specified time decided by the sender. Since its launch in 2011, Facebook and Google have reportedly offered to buy the company for $3bn and $4bn respectively, which were both rejected by CEO Evan Spiegel. As of September 2013, more than 400 million “snaps” were sent daily.