Monday, 10 February 2014

Snapchat Fixes Flaw That Let Attackers Shut Down Phones


Snapchat believes it has fixed a security flaw that made it possible for attackers to use the app to overload users' iPhones, and potentially make the devices freeze up.
Madrid-based security researcher Jaime Sanchez discovered the problem in December, and he published a blog post on Friday about the flaw in the photo-sharing app.
As Sanchez explained in his post, the problems lay in Snapchat's "security tokens." These tokens, or pieces of code, work like a temporary password to prove users' identity to the app — and they are generated every time a user sends a message or takes any other action in the app.
In Snapchat's case, Sanchez said, the tokens weren't temporary; they appeared not to expire as they should have. So he was able to re-use old tokens over and over to send new messages.
That posed two big problems: First, it could give attackers an easy and quick way to send massive amounts of Snapchat spam.
"It's just a math problem," Sanchez told NBC News via Skype chat. "I have ... one token that I can share with different instances of my program to send snaps, and several servers that can send thousands of requests per minute."
Secondly, a hacker could target one specific user in what is called a "denial of service" attack, overloading a phone with so many messages that the device could freeze or crash.
Sanchez demonstrated the attack in an article and video that "The Los Angeles Times" posted on Friday, in which he sent the reporter's Snapchat account 1,000 messages in just five seconds. The reporter's iPhone crashed. (The same attack severely slows Android phones, but those devices don't crash, Sanchez said.)
Snapchat has suffered a series of security breaches on its photo-sharing app, including an incident in January in which hackers temporarily posted online usernames and phone numbers for 4.6 million Snapchat users.
Snapchat told NBC News that it first learned of the latest flaw from the LA Times.
"We believe we have addressed the issue as early as Friday, and we continue to make significant progress in our efforts to secure Snapchat," the company said via email.
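
As an added illustration (not Snapchat's code and not taken from Sanchez's post), this example shows a server-side check that makes a request token both short-lived and single-use, so that an old token cannot be reused to send new messages. The token layout, the HMAC construction, the 30-second lifetime and the function names are all assumptions chosen for the example.

```python
import hashlib
import hmac
import secrets
import time

SERVER_KEY = secrets.token_bytes(32)  # constructed per-process signing key
TOKEN_TTL = 30                        # seconds a token stays valid (assumed value)

_seen = {}  # nonce -> expiry time, for tokens that were already spent


def _mac(body):
    return hmac.new(SERVER_KEY, body.encode(), hashlib.sha256).hexdigest()


def issue_token(user, now=None):
    """Return 'user:issued_at:nonce:mac', bound to one user and one moment."""
    issued = int(time.time() if now is None else now)
    body = f"{user}:{issued}:{secrets.token_hex(8)}"
    return f"{body}:{_mac(body)}"


def verify_token(token, user, now=None):
    """Return 'ok', or the reason the request is refused."""
    now = time.time() if now is None else now
    try:
        tok_user, issued, nonce, mac = token.split(":")
        issued = int(issued)
    except ValueError:
        return "malformed"
    expected = _mac(f"{tok_user}:{issued}:{nonce}")
    # Constant-time comparison on bytes; a wrong MAC means a forged or altered token.
    if not hmac.compare_digest(mac.encode(), expected.encode()):
        return "bad-signature"
    if tok_user != user:
        return "wrong-user"
    # Expiry: the property the article says was missing.
    if not (0 <= now - issued <= TOKEN_TTL):
        return "expired"
    # Forget spent nonces whose tokens have expired anyway, to bound memory.
    for n in [n for n, exp in _seen.items() if exp < now]:
        del _seen[n]
    # Single use: a second request with the same token is refused.
    if nonce in _seen:
        return "replayed"
    _seen[nonce] = issued + TOKEN_TTL
    return "ok"
```

With several servers behind one service, the spent-nonce table would have to live in a store they all share; otherwise the same token could be accepted once per server.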
