A security breach leaves Apple's mobile useless without the need to click on a link. Just open a message to freeze the iPhone and, in some cases, leave it useless. It is not the first virus that spreads through SMS or messaging, but it is surprising to activate without having to open a link, which used to be the usual way to do phishing (to capture passwords) or impersonate identity stealing credentials.
The ruling has been discovered thanks to Abraham Masri, a young developer, who has called the ChaiOS ruling and published it on GitHub, a programming store. Speaking to BuzzFeed, he explains that he found it when he was shredding parts of the operating system and was adding characters in the internal code.
He also posted it on his Twitter profile: "This text message freezes the addressee's cell phone, and surely he has to reinstall everything again. Do not use it for bad purposes. "
Text the link below, it will freeze the recipient's device, and possibly restart it. https://t.co/Ln93XN51Kq
- Abraham Masri (@cheesecakeufo) January 16, 2018
Also, that means that someone who wants to damage a third party's mobile just has to send it and wait for it to open. After tests on several iPhone models. So, the bug affects almost all models with iOS from version 10 to 11.2.5 beta 5, the penultimate. In addition, Apple has released beta six on Wednesday morning.
iMessage is Apple's messaging system, not just its mobile phones. Although it has not yet been tested, the researcher analyzes whether it could affect Mac computers in a way similar to an error that occurred in 2015.
The bug I released was to get @Apple 's attention. It's just an html file. @Github always hosted jailbreaks (even .ipa files) that might've included malware. I do not understand why you'd ban my account.
Btw, I always report bugs before releasing them.
- Abraham Masri (@cheesecakeufo) January 17, 2018
Masri's account on GitHub has been canceled. He cannot access, but you can check the content of his creations. "It's public access, so anyone can copy and house it somewhere else. I do not intend to do anything bad. My idea was to get to Apple and let them see that they have been ignoring my bug warnings. I always do it before they get the final version of something, "he says in BuzzFeed," Once I warned of an error that disabled the mobile screen. Something that should not be able to be done. I warned them, and they told me that it did not seem like an issue to be taken into account. "
Apple has not made any statement about it.