A security researcher claims to have found a way to exploit the Snapchat app to send thousands messages to iPhone and Android users in a matter of seconds, The LA Times reports. Telefonica consultant Jaime Sanchez reportedly discovered a method for recycling old message tokens when sending new messages.
Snapchat barely just closed the door on an embarrassing security problem that saw spurned researchers release partial phone numbers for millions of accounts. The service also recently fell victim to an increase in spam messages, which it described as “the consequence of a quickly growing service.”
While there’s no evidence yet that Sanchez’s flaw has been exploited in the wild, the problem is serious enough that it can effectively cause a Denial of Service attack on an unsuspecting iPhone user by overwhelming the device with notifications.
We’ve reached out to Snapchat for comment. Sanchez told the Times that he declined to inform the company of the vulnerability because of how it responded to researchers reporting an issue last year.