Monday, May 19, 2025
HomeSecurity NewsNew ChaiOS "Text Bomb" Bug that can Crash any iPhones, iPads and...

New ChaiOS “Text Bomb” Bug that can Crash any iPhones, iPads and Macs with a Single Link

Published on

SIEM as a Service

Follow Us on Google News

A new bug dubbed chaiOS ” Text Bomb ” can affect iMessage apps on macOS and iOS. On iPhone, a single malicious link can cause the device to crash and with macOS, it kills safari browser.

The bug was discovered by Abraham Masri and it makes the target device to freeze, drain the battery and possibly restart.

He posted the PoC link in GitHub and reported in twitter, at the time of writing the link ends up with 404, seems GitHub administrator removed it.

- Advertisement - Google News

https://twitter.com/cheesecakeufo/status/953401511429726210

9to5mac reported the chaiOS bug and had mixed results “In some instances, sending the link would cause both the sender and recipient’s device to respiring or cause the Messages app to instantly freeze and crash“.

ChaiOS bug tested with iOS 11.1.2, users don’t require to do any installation, all they need to do is simply sending the malicious link in an SMS message.

The flaw resembles Effective Power bug which hits iPhone a few years before. ChaiOS will not make a serious impact as of now, it can be used to play pranks.

Also Read Apple Released a Critical Security Updates for iOS 11.2.1

“I found a (small) bug that causes the device to freeze, respring, drains the battery, and/or sometimes panic,” says Abraham Masri.

No need to install anything. Just open, tap then paste. Here you can see how it works.

Mitigations – Text Bomb

  • Forcing the message app to close and delete the thread.
  • Reddit user “TeCHEyE_RDT” suggested to send a message to yourself and delete the threat.
Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

New Phishing Attack Poses as Zoom Meeting Invites to Steal Login Credentials

A newly identified phishing campaign is targeting unsuspecting users by masquerading as urgent Zoom...

New Hannibal Stealer Uses Stealth and Obfuscation to Evade Detection

A newly identified piece of malware, dubbed the "Hannibal Stealer," has emerged as a...

Chinese APT Hackers Target Organizations Using Korplug Loaders and Malicious USB Drives

Advanced persistent threat (APT) groups with ties to China have become persistent players in...

Cache Timing Techniques Used to Bypass Windows 11 KASLR and Reveal Kernel Base

Cache timing side-channel attacks have been used to circumvent Kernel Address Space Layout Randomization...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Phishing Campaign Uses Blob URLs to Bypass Email Security and Avoid Detection

Cybersecurity researchers at Cofense Intelligence have identified a sophisticated phishing tactic leveraging Blob URIs...

UK Government to Shift Away from Passwords in New Security Move

UK government has unveiled plans to implement passkey technology across its digital services later...

New Spam Campaign Leverages Remote Monitoring Tools to Exploit Organizations

A sophisticated spam campaign targeting Portuguese-speaking users in Brazil has been uncovered by Cisco...