‘Text bomb’ bug hits Apple’s iPhone and Mac computers
A software developer posted links to the ChaiOS bug online before removing them.
A so-called text bomb bug that can crash an iPhone with a single message has been discovered by a security researcher.
Software developer Abraham Masri revealed that sending a message containing a link to the bug’s code was enough to crash an iPhone or Mac computer, and in some cases cause it to restart.
Mr Masri initially posted a link to the code on programming site GitHub but has since removed it, saying: “I made my point. Apple need to take such bugs more seriously.”
He said he had reported the bug to Apple before releasing it online, but its removal means malicious messages can no longer be sent linking to it.
No, I'm not going to re-upload it. I made my point. Apple needs to take such bugs more seriously.— Abraham Masri (@cheesecakeufo) January 17, 2018
The tech giant has not yet commented on the issue.
The flaw has been named ChaiOS – a play on the words chaos and iOS, Apple’s mobile operating system – but is regarded by security experts as a “nuisance” rather than dangerous.
Industry expert Graham Cluley said: “Something about the so-called ChaiOS bug’s code gives your Apple device a brainstorm. Ashamed about the mess it gets itself in, Messages decides the least embarrassing thing to do is to crash.
“Nasty. But, thankfully, more of a nuisance than something that will lead to data being stolen from your computer or a malicious hacker being able to access your files.
“Don’t be surprised if Apple rolls out a security update in the near future to fix this latest example of a text bomb.”
The flaw is similar to the Effective Power bug which hit iPhone devices in 2015, when a set of characters sent as a text message could cause an iPhone to reboot.