Snapchat fights spam with new signup verification
Graham Smith, a high school sophomore from Dallas, has been researching the holes that could be used, and his work has actually been very helpful in Snapchat making progress in fixing problems. The first change was to rate limit the Find Friends API to one call per hour, in order to limit how many accounts spammers could get access to, but there was still a loophole where spammers could simply create new accounts each time it wanted to call on the API. Smith brought this loophole to the attention of Snapchat CTO Bobby Murphy by using the loophole to find Murphy's phone number and text him.
After more back and forth with Smith breaking Snapchat's various attempts at security, Snapchat is now trying to slow down that process by making sure bots can't create new accounts. The process is fairly simple if you're human, with what Snapchat is calling "Snap-tcha". When you are signing up for a new account, you now have to verify that you are human by selecting pictures that contain the Snapchat ghost.
Unfortunately, Smith and others think that even this is something of a stopgap option, and Snapchat won't ever be able to get a handle on security. Time will have to tell on that front, but at the very least, all of these troubles are likely pushing companies away from previous attempts at acquiring Snapchat.