Snapchat May Crash Your iPhone

[Harry-Potter]

Security researchers found out that a flaw in the Snapchat mobile application allows attackers to flood iPhone with data, freezing and crashing it. One of the security experts used vulnerability in the way the app authenticates users and discovered that sending a huge amount of messages to a single user can crash their iPhone. Moreover, even once it powers back up, the application itself hangs until the attack is finished.

 

 

The security expert disclosed the flaw a few days ago and found that Snapchat had banned his two testing accounts and blocked the IP he used to demonstrate the attack. However, the company hadn’t immediately fixed the actual problem. The expert explained that the problem is in the way the app authenticates users: instead of sending passwords with each picture, Snapchat sends an authentication token based on the password and the time. Supposedly, this allows the website’s servers reject individual requests.

However, in reality it appeared that rather than demand a new access token for every action, the application’s servers could accept re-used tokens. Although the real Snapchat client generates new tokens each time, an attacker is able to generate one legitimate token and then reuse it thousands times to automatically send messages.

In other words, the only limit to how many times the same message can be sent is the speed with which the attacker’s machine is able to send requests to Snapchat’s servers, which allowed the security expert to use several machines at once and send thousands of messages to one device in 5 seconds, causing it to crash.

It should be noted that this was the second security breach at Snapchat this year. Last August, other experts revealed a vulnerability which allowed users to find the Snapchat username associated with any phone number. The company failed to fix the flaw within the next 4 months, and this January 4.6 million mobile numbers were leaked by intruders. And still, Snapchat delayed fixing the issue for another 8 days. It is unclear how long it will take it to fix the new flaw.