Does popular IM app Snapchat have security flaws? Yes it does, as you might recall it wasn’t too ago that Snapchat experienced a data leak that resulted in millions of user names and phone numbers getting public. Now we would think that having that one security scare was enough to send the developers at Snapchat scrambling to make their app as secure as possible, but perhaps there could be more work left to be done, thanks to a recent report by cyber security research, Jamie Sanchez. Sanchez recently discovered a security vulnerability that would allow hackers to flood a Snapchat user with thousands of messages in seconds, essentially leading to a denial of service.
“By reusing old tokens, hackers can send massive amounts of messages using powerful computers. This method could be used by spammers to send messages in mass quantities to numerous users, or it could be used to launch a cyber attack on specific individuals.” Sanchez demonstrated this hack by flooding the phone of a reporter for The LA Times, essentially freezing the reporter’s iPhone which had to be hard reseted for it to work again. Now the right thing to do would be to inform Snapchat of this vulnerability, but Sanchez is apparently declining to do so, claiming that the company had no respect for the cyber security research community when they previously ignored the vulnerability that led to the data leak.