Snapchat Vulnerability Can Lead to iPhone Denial-of-Service Attacks

by

snapchatlogoA vulnerability in the Snapchat app opens the iPhone up to denial-of-service attacks that can cause the device to freeze and crash, according to cyber security researcher Jamie Sanchez [Google Translation] (via The Los Angeles Times).

A weakness in the app’s system can allow a hacker to send thousands of messages to a Snapchat user in seconds, which can cause a crash that requires a hard reset to fix. Tokens generated by the app used to verify user identity can be reused by hackers to send a flood of messages.

By reusing old tokens, hackers can send massive amounts of messages using powerful computers. This method could be used by spammers to send messages in mass quantities to numerous users, or it could be used to launch a cyber attack on specific individuals, [Sanchez] said.

Sanchez demonstrated the flaw for The Los Angeles Times, sending a reporter 1,000 messages within five seconds in a denial-of-service attack, which caused the reporter's iPhone to freeze until it restarted.

The security researcher declined to contact Snapchat with his findings as he believes the startup "has no respect for the cyber security research community" after ignoring previous app vulnerability reports.

Snapchat has faced multiple problems as its private messaging app has grown in popularity, including vulnerabilities that allowed users to bypass screenshot notifications and a recent security breach that compromised the user names and phone numbers of more than 4.6 million customers, which Snapchat was warned about ahead of time by a security group.

When asked about this particular vulnerability, Snapchat said it was unaware of the problem but interested in learning more.

Popular Stories

Apple CarPlay Ultra instrument cluster themes 01

Apple's CarPlay Ultra Is Here – Does Your iPhone Support It?

Thursday May 15, 2025 5:17 am PDT by
Apple's recently announced CarPlay Ultra promises a deeply integrated in-car experience, but not all iPhone users will be able to take advantage of the new feature. According to Apple's press release, CarPlay Ultra requires an iPhone 12 or later running iOS 18.5 or later. This means if you're using an iPhone 11, iPhone XR, or any older model, you'll need to upgrade your device to access...
Read Full Article
Apple CarPlay Ultra instrument cluster themes 01

Apple's 'CarPlay Ultra' Experience Now Available

Thursday May 15, 2025 5:07 am PDT by
Apple today announced that its next-generation CarPlay experience, now dubbed "CarPlay Ultra" begins rolling out today, starting with Aston Martin vehicles. Subscribe to the MacRumors YouTube channel for more videos. CarPlay Ultra is now available with new Aston Martin vehicle orders in the U.S. and Canada. It will also be available for existing models that feature the brand's next-generation ...
Read Full Article134 comments
CarPlay Ultra Climate Controls

Apple Says These Vehicle Brands Plan to Offer All-New CarPlay Ultra

Thursday May 15, 2025 8:13 am PDT by
Apple today announced the launch of CarPlay Ultra, the long-awaited next-generation version of its CarPlay software system for vehicles. CarPlay Ultra features deep integration with a vehicle's instrument cluster and systems, built-in Radio and Climate apps, customizable widgets, and more. The interface is tailored to each vehicle model and automaker's identity, and drivers can also adjust...
Read Full Article126 comments
vision pro video recording

WSJ: Some Apple Vision Pro Buyers 'Feel Total Regret'

Friday May 16, 2025 7:43 am PDT by
Apple's Vision Pro headset has left many early adopters expressing dissatisfaction over its weight, limited use cases, and sparse software ecosystem, according to a new article from The Wall Street Journal. In the year following the device's launch, user feedback suggests that it has failed to meet expectations for comfort, software support, and social acceptance. In interviews conducted by T...
Read Full Article266 comments
iPhone 17 Air Pastel Feature

iPhone 17 Air Could Debut Advanced Silicon Battery Tech

Friday May 16, 2025 8:00 am PDT by
The upcoming all-new ultra-thin iPhone 17 Air could become the first Apple smartphone to adopt advanced battery technology, with Japanese supplier TDK preparing to ship its new generation of silicon-anode batteries by the end of June. According to DigiTimes, TDK CEO Noboru Saito revealed in a recent interview that the Apple supplier has accelerated its production timeline, moving shipments...
Read Full Article70 comments
iOS 18 Siri Personal Context

Apple Will Reportedly Be More Cautious About Announcing New Features Well in Advance

Sunday May 18, 2025 2:50 pm PDT by
Apple plans to mostly stop announcing new features more than a few months before they are ready to launch, according to Bloomberg's Mark Gurman and Drake Bennett. The pair of reporters revealed this noteworthy tidbit towards the bottom of a lengthy report about Apple's artificial intelligence shortcomings today. This alleged change in strategy comes after Apple was forced to delay its more...
Read Full Article138 comments

Top Rated Comments

Hastings101 Avatar
Hastings101
147 months ago
snapchat is more trouble than what its worth. if you wanna sext just use iMessage

okay, let's do this
Score: 7 Votes (Like | Disagree)
ZacNicholson Avatar
ZacNicholson
147 months ago
snapchat is more trouble than what its worth. if you wanna sext just use iMessage
Score: 7 Votes (Like | Disagree)
dcchicago29 Avatar
dcchicago29
147 months ago
After the earlier story that quoted Tim Cook saying spending 10 figures on a company is no problem, and now this snapchat story...

I wish it was April 1st, and the next post on MacRumors is that Apple has agreed to buy SnapChat for $1bil, just to see everyone lose their stuff in the comments.
I mean, Facebook bought Instagram for $1bil, so i could at least be a believable story for a few minutes. Just for the laughs. :p:)

FB already offer $3B for it and was spurned.
Score: 3 Votes (Like | Disagree)
wordoflife Avatar
wordoflife
147 months ago
If you use snapchat, I would suggest only allowing your friends/contacts to snap you.
Score: 3 Votes (Like | Disagree)
Alenore Avatar
Alenore
147 months ago
The fact that iOS enable an application to use all the memory/whatever in the phone is wrong in the first place (would it be Safari or Snapchat).

As for snapchat, it's useful to share quick pictures to everyone, make a "story" (a collection of many pictures, funny in parties!), send random stupid faces, doesn't require cell to be used (only wifi) thus is usable on ipods or with plans with low data, doesn't require to give your phone number, received/read notification, and is quicker to send than sms/mms across all devices.

1. As if your going to have that many friends on there for them to be able to send 1,000 images all at once.

2. As if the average friend will have the know how to perform this and if their your friend why would they want too?

So in reality is doesn't really pose a threat, but if a tech expert wanted too they could exploit it though they would have little t gain from it.

Also aren't cyber community group just the same groups of people who create viruses and other malware who are then taken on by anti virus companies?
It's quite easy to get someone's snapchat nickname (for instance using FB/twitter) and you can then crash their device whenever you want to piss them off. Any teen with some knowledge in dev can simply google the API (leaked on reddit some time ago) and have fun, and I suppose there'll be tools very soon to do it with no knwloedge at all.

Finally, while some cyber community groups are making viruses and all, some of them simply work on security to improve softwares.
Score: 2 Votes (Like | Disagree)
AngerDanger Avatar
AngerDanger
147 months ago
snapchat is more trouble than what its worth. if you wanna sext just use iMessage
okay, let's do this
Ooh, romance is in the air!
Score: 2 Votes (Like | Disagree)
Read All Comments