Watch out for this ‘text bomb’ now crashing iPhones with a simple message




Spread the love

A newly-discovered bug infecting iOS and Apple Macs can allow pranksters crash your Apple devices by sending a simple text message, a security experts has revealed.

Using what is known as a ‘text bomb’, the attack comes in the form of a short link which, upon delivery, will “freeze the recipient’s device and possibly restart it”, explained Abraham Masri, the researcher who uncovered the flaw – dubbed ‘chaiOS’ – on Tuesday (16 January).

The expert, under the Twitter handle @cheesecakeufo, published the bug’s code to GitHub, a repository site used by programmers and ethical hackers.

“I found a (small) bug that causes device to freeze, respring, drains battery, and/or sometimes panic,” Masri tweeted. “No need to install anything. Just open, tap then paste.” He added a short, but necessary, disclaimer: “Do not use it for bad stuff.”

“Effective Power is back, baby!” he added, in reference to a 2015 bug which spread after Reddit users found non-Latin script sent via text could force iOS reboots.

In January 2017, a similar prank circulated online after YouTube channel EverythingApplePro publicised a flaw that crashed iPhones using only a flag and a rainbow emoji.

The bug was first discovered by French Apple developer Vincent Desmurs. Describing how it worked in a blog at the time (translated into English), he wrote: “When your victim clicks on the message, their Messages app will attempt to load a large amount of data.

“That causes the system to malfunction. The text in the file is too complicated for the system and causes a CPU [issue], freezing the app. If you close the app and try to reopen it, iOS will try to reload the previous message but can’t because it’s the same file [that] contains too much text for the system to handle properly.”

Abraham Masri Tweet
Abraham Masri’s tweet detailing the iOS bug Abraham Masri/Twitter

Luckily, while these pranks can be annoying they are unlikely to cause lasting damage.

Cybersecurity expert Graham Cluley said it is “more of a nuisance than something that will lead to data being stolen from your computer or a malicious hacker being able to access your files”.

In a blog post, he added: “Don’t be surprised if Apple rolls out a security update in the near future to fix this latest example of a text bomb. And please, please, don’t be tempted to try the text bomb attack out on anyone else – you’re not being funny, you’re just being a j**k.” – IBTimes