Snapchat is once again at the centre of a security row, after a Telefonica employee discovered a way to launch a Denial of Service (DoS) attack on the hugely popular messaging app on iOS and Android.
The vulnerabilty, found by Telefonica’s cyber security consultant Jaime Sanchez, could allow hackers to blitz smartphones with thousands of messages. The aim would be to crash and slow down devices to the point of them being unusable.
Sanchez demonstrated his method to the LA Times. He said a flaw in Snapchat’s system allowed him to access unique ‘tokens’, which are special numbers that are generated every time users want to send a message.
These old numbers can then be used to send new messages to users. Sanchez showed how he could cripple an iPhone in a matter of seconds by sending these missives from his PC.
Snapchat has since disabled Sanchez’s account and issued a statement saying: “We are interested in learning more and can be contacted at firstname.lastname@example.org.”
Snapchat has suffered from a string of security breaches in recent months.
Millions of users’ phone numbers were leaked online at the end of December, while its updated security measures, aimed at preventing bots from creating Snapchat accounts, were easily bypassed in January.