Monday, November 25, 2024
HomeMobile AttacksSerious iOS Bug - A Single Text Character Can Crash any Apple...

Serious iOS Bug – A Single Text Character Can Crash any Apple iPhone, Mac or iPad

Published on

A single character can crash iPhone if it simply pasted in the text field, received as a message via apps like Facebook Messenger, WhatsApp, etc can crash the application or the entire device.

This bug can be exploited very easily, all you need is to send them a single Telugu character which is spoken in India by about 70 million people. You can find the Character in Question below.

crash iPhone

If you received the character with an application like WhatsApp, Twitter, Facebook, etc the application will crash in the continuous loop each and every time you try to start the application.

- Advertisement - SIEM as a Service

The worst part is if someone sends the text to you and the iOS tries to show that in notification leads to the whole system crashes on iPads, Macs, Apple’s iOS Springboard, iPhones, Apple Watches, and Macs.

Seems the Beta version of iOS 11.3 is already immune to the attack and the users of Telegram and Skype are not affected.

https://twitter.com/info_dox/status/964205281700802561

The bug was published in Openradar and the news first appeared in mobileworld. Apple was already intimated about the bug. Today Apple Announced that a bug fix will be issued soon covering the vulnerability.

Last January Abraham Masri found a chaiOS that a single malicious link can cause the device to freeze, drain the battery and possibly restart.

Temporary Mitigation – Crash iPhone

If your Whatsapp is crashed then ask any users to send a new normal message so that you can jump to the app through notification section and delete the thread to resolve the issue.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Threat Actors Exploit Google Docs And Weebly Services For Malware Attacks

Phishing attackers used Google Docs to deliver malicious links, bypassing security measures and redirecting...

Python NodeStealer: Targeting Facebook Business Accounts to Harvest Login Credentials

The Python-based NodeStealer, a sophisticated info-stealer, has evolved to target new information and employ...

XSS Vulnerability in Bing.com Let Attackers Send Crafted Malicious Requests

A significant XSS vulnerability was recently uncovered in Microsoft’s Bing.com, potentially allowing attackers to...

Meta Removed 2 Million Account Linked to Malicious Activities

 Meta has announced the removal of over 2 million accounts connected to malicious activities,...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Ghost Tap Attack, Hackers Stolen Credit Card Linked To Google Pay Or Apple Pay

Threat actors are exploiting a new cash-out tactic called "Ghost Tap" to siphon funds...

HookBot Malware Use Overlay Attacks Impersonate As Popular Brands To Steal Data

The HookBot malware family employs overlay attacks to trick users into revealing sensitive information...

Hardcoded Creds in Popular Apps Put Millions of Android and iOS Users at Risk

Recent analysis has revealed a concerning trend in mobile app security: Many popular apps...