Security News > 2020 > April > Latest Apple Text-Bomb Crashes iPhones via Message Notifications

Apple devices are vulnerable to a "Text bomb" attack where simply looking at messages or posts containing characters in the Sindhi language can crash devices.

The problem occurs in a number of different scenarios, including if the character string shows up in a text message - in fact, just looking at a message notification containing a message preview will crash the system.

Other text-bomb attacks that don't relate to Unicode symbols have made the rounds in the past: The chaiOS bug in 2018 for instance allowed attackers to crash or freeze phones just by sending a text message containing a hyperlink to malicious code hosted on GitHub.

Last year, an Apple iMessage bug made the rounds that allowed attackers to brick iPhones running older iOS versions, by sending a specially crafted message to a vulnerable device.

A widely disseminated report published Wednesday by ZecOps claimed that bugs in the Apple Mail app on iPhones and have been exploited in the wild since 2018 by an "Advanced threat operator." However, Apple said in a statement to Bloomberg's Apple correspondent Mark Gurman that he posted on Twitter that the findings aren't true.

News URL

https://threatpost.com/apple-text-bomb-crashes-iphones-message-notifications/155144/