• Your favorite

    Apple

    ,

    iPhone

    ,

    iPad

    ,

    iOS

    ,
    Jailbreak
    , and
    Cydia
    site.
  • iMessage "Denial of Service" Prank Crashes iOS Messages App


    According to the folks over at The Next Web, a recent prank played on a group of iOS developers seems to have revealed a limitation in how Apple handles data sent through its iMessage service, which in some cases can crash the app if the incoming message is too long or contains overly complex characters.

    Popular developers such as ih8sn0w and Grant Paul were among those targeted by a specific type of denial of service (DoS) attack that overwhelmed their Messages inboxes with a load of automatically-generated transmissions. The two developers believe the messages that were sent to them via the Messages app on OS X with a simple AppleScript affecting the barrage that prompts a victim to constantly clear notifications and text. According to Paul:

    Originally Posted by :
    Whatís happening is a simple flood: Apple doesnít seem to limit how fast messages can be sent, so the attacker is able to send thousands of messages very quickly.
    After the incident, ih8sn0w mocked up a proof-of-concept AppleScript to demonstrate how such an attack may work. If Apple doesnít limit the influx of messages, a userís app will quickly become filled with piles and piles of spam.

    The real issue that arises with the attack is with the long and/or complex messages that are received. Depending on what is sent, Messages on iOS can crash because it canít process and display the massive amount of data correctly. According to the developers, the app will force itself to close and wonít re-open because it canít properly render the text. As of right now, there isnít any surefire solution to remedy the crashed Messages app.

    The publication suggests "playing around with sending a regular message, then locking the phone and activating the message notification until youíre able to time it right to delete the message thread thatís causing the problem. One thing to note is that if the attacker gets a hold of a userís iMessage handle, the only option may be to disable the account temporarily. If a userís phone number is compromised, iMessage as a whole may have to be turned off.

    The identity of the attack behind the attacks remains unknown at the moment but the messages appear to have originated from a Twitter account used to sell UDIDs and provisioning profiles. Disposable email accounts were being used to send the spam, making it difficult to simply block the culprit as they can simply open another and continue to bombard you with messages.

    Apple hasnít responded to the issue just yet but weíre hoping they will soon.

    Source: The Next Web via AppleInsider
    This article was originally published in forum thread: iMessage "Denial of Service" Prank Crashes iOS Messages App started by Akshay Masand View original post
    Comments 27 Comments
    1. wiipro's Avatar
      wiipro -
      Wow. I wonder what apple will do to fix this.
    1. bmwraw8482's Avatar
      bmwraw8482 -
      Can u sign into messages on
      Osx to clear the problem messages to make it work again?
      I use a different id on each computer/ device for iMessages so I've never really tried...
    1. MetalMatrix's Avatar
      MetalMatrix -
      Could you disable iMessages from external contacts via Settings->Notifications->Messages to prevent this attack?
    1. mustard05's Avatar
      mustard05 -
      I was apart of a huge iMessage group chat consisting of about 6 people. Earlier this week, when everybody happened to be off from work, everyone started iMessaging like crazy and my phone actually crashed. I actually thought to myself "I guess iMessage cant handle that much info coming through at once. Just a coincidence i suppose.
    1. AngryPIG's Avatar
      AngryPIG -
      i done the same thing to my girlfriend months ago. imessaged her 1-684. and her iphone basically took a stroke.
    1. steve-z17's Avatar
      steve-z17 -
      Quote Originally Posted by AngryPIG View Post
      i done the same thing to my girlfriend months ago. imessaged her 1-684. and her iphone basically took a stroke.
      I did that to my brothers phone, he had some simple motorola or nokia phone, but it literally freaked out and wouldn't allow him to do anything!....it was awesome.
    1. Silverado1987's Avatar
      Silverado1987 -
      So now were sent back to the Stone Age again with text messages lol. Makes ya appreciate iMessage. At least for me cause service blows in my house
    1. JesseDegenerate's Avatar
      JesseDegenerate -
      Quote Originally Posted by wiipro View Post
      Wow. I wonder what apple will do to fix this.

      wouldn't this arm the victim with the info needed to just attack back? Anyway hope apple can fix this with something of a server side limit, or server side duplication rules etc.
    1. natemckelvie's Avatar
      natemckelvie -
      Quote Originally Posted by JesseDegenerate View Post
      wouldn't this arm the victim with the info needed to just attack back? Anyway hope apple can fix this with something of a server side limit, or server side duplication rules etc.
      Attacking back would be a waste of time because they are fake generated email accounts. A person like the one that did it to the developers would not care if it was done back because the accounts are fake. Setting up an email and an iMessage account is free. The attackers just make hundreds of fake accounts.

      The sad thing the only way i can see to stop this would be to limit the outgoing iMessage amount which could interfere with someone actually sending lots if real messages.
    1. bmwraw8482's Avatar
      bmwraw8482 -
      Quote Originally Posted by steve-z17 View Post
      I did that to my brothers phone, he had some simple motorola or nokia phone, but it literally freaked out and wouldn't allow him to do anything!....it was awesome.
      That's how my sister ended up with her first iPhone years ago. I copied and pasted a message (SMS because iMessage didn't exist yet) over and over until it was somewhere around 600,000 characters long (that's when my iPhone 3G started to bog down). She was never able to use that little flip phone again!
    1. ctlcretu's Avatar
      ctlcretu -
      somebody can tell me why I can't use modmyi repo. there is a error and even I don't remove repo from sources I can't use cydia. i can't search or manage my packages. "wow, you excedeed the number of package names this APT is capable of."
      "problem with mergelist ..."
    1. rickuk's Avatar
      rickuk -
      Quote Originally Posted by ctlcretu View Post
      somebody can tell me why I can't use modmyi repo. there is a error and even I don't remove repo from sources I can't use cydia. i can't search or manage my packages. "wow, you excedeed the number of package names this APT is capable of."
      "problem with mergelist ..."
      You should have started your own thread

      You have too many sources
    1. plcrules's Avatar
      plcrules -
      i dont get y this is such a big deal if this happens to you there is a little magic switch to turn imessages off?
    1. BIG BUFF's Avatar
      BIG BUFF -
      Just today i sent out 2 iMessage pictures to my wife she never got it and it says its been deliver on my side.
    1. swifty7's Avatar
      swifty7 -
      Quote Originally Posted by ctlcretu View Post
      somebody can tell me why I can't use modmyi repo. there is a error and even I don't remove repo from sources I can't use cydia. i can't search or manage my packages. "wow, you excedeed the number of package names this APT is capable of."
      "problem with mergelist ..."
      had the same problem....easy to fix. First delete both ModmyI and ZodTTD repo's then go to Cydia's homepage
      scroll down a bit and select 'More package sources' from there select Modmyi and you're good to go.....now if you want
      to use ZodTTD repo again then you'll have to do the reverse.

      hope it helps
    1. zplit's Avatar
      zplit -
      Quote Originally Posted by BIG BUFF View Post
      Just today i sent out 2 iMessage pictures to my wife she never got it and it says its been deliver on my side.
      I have this problem for about a week or two.
    1. steve-z17's Avatar
      steve-z17 -
      Quote Originally Posted by bmwraw8482 View Post
      That's how my sister ended up with her first iPhone years ago. I copied and pasted a message (SMS because iMessage didn't exist yet) over and over until it was somewhere around 600,000 characters long (that's when my iPhone 3G started to bog down). She was never able to use that little flip phone again!

      Haha! Nice! There's an app in Cydia that will let you choose how many messages you want to send someone...it's a fun little prank to pull on friends/family!
    1. tankz504's Avatar
      tankz504 -
      What's it called?
    1. PoEtikly's Avatar
      PoEtikly -
      Quote Originally Posted by AngryPIG View Post
      i done the same thing to my girlfriend months ago. imessaged her 1-684. and her iphone basically took a stroke.
      Stalker.......JK
    1. corkey20000's Avatar
      corkey20000 -
      Been doing this for months with friends via the Messages app on 10.8. I will not post the script, but a way to get around your messages app crashing is to send a new text from a separate phone number so your messages app will not auto open the bloated thread. We also do "emoji bombs". We find that iPhone 4 and lower typically crashes when bombarded with Emoji icons.