Denial of Service Prank Crashing iMessage App for Targeted Developers

The Next Web is reporting that a group of iOS developers has been targeted with a series of rapid-fire messages on iMessage, creating a sort of denial-of-service (DoS) attack that crashes the iMessage app.

Grant Paul, one of the targeted iOS developers explains how the attack worked:
“What’s happening is a simple flood: Apple doesn’t seem to limit how fast messages can be sent, so the attacker is able to send thousands of messages very quickly,” Paul says.

The second part of that, he explains, is that if a user sends a ‘complex’ text message using unicode characters that force a browser to render ‘Zalgo’ text, or simply uses a message that is enormous in size, them the Messages app will eventually crash as it fails to display it properly. This will effectively ‘break’ the Messages app on iOS by forcing it to close and stop it from re-opening because it can’t render that text.”
iH8sn0w, an iOS jailbreak tool and app developer, showed TNW a proof-of-concept AppleScript that would be able to create the barrage of iMessages. A potential spammer would only need a person's email address and the AppleScript to engage in the attack, especially after Apple unified phone numbers and email addresses in iOS 6. 

imessagedos
Currently, there is no way to block particular senders in iMessage, though iH8sn0w said it should be possible for Apple to notice the bursts of messages and block them as repetitive spamming. Victims can also disable iMessage entirely.

It's not clear who initiated the attack, nor why these developers were targeted, though it appears the attacks are merely a prank.

Top Rated Comments

(View all)

20 months ago

Ahhh. You're correct.

Hackintosh community.

Jerks.


This comment wins for most ridiculous comment I have ever seen on Macrumors and that's saying something.


How do you people think this %!?# up?
Rating: 11 Votes
20 months ago
I find it highly surprising that Apple has not put preemptive measures in place to prevent obvious iMessage spam (e.g. extremely high number of messages in a short time).
Rating: 8 Votes
20 months ago
Daft Punk's viral marketing at work for their new album.
Rating: 8 Votes
20 months ago

I didn't say there was any hacking. I said it probably came from the hackintosh community.

They are lesser than script kiddies.


Why does it have to be from the "hackintosh community"? Anyone can carry out this iMessage attack its so simple.
Rating: 8 Votes
20 months ago
Great, can't wait for character limits, time limits, verifications and heck put in captcha codes as well.
Rating: 7 Votes
20 months ago

Great, can't wait for character limits, time limits, verifications and heck put in captcha codes as well.


To send an iMessage:
Step 1: Type your message and hit send
Step 2: Put your thumb in the middle of the screen to scan your print
Step 3: Type captcha image
Step 4: Say your verification phrase
Step 5: Take selfie of yourself for face verification
Step 6: Offer 1oz. of blood for dna verifications
Step 7: Repeat until you die of blood loss.
Rating: 7 Votes
20 months ago

This comment wins for most ridiculous comment I have ever seen on Macrumors and that's saying something.


How do you people think this %!?# up?


You haven't been around long. I've made much worse comments.

Read the story man. It tells you who did it.

I even quoted it.
Rating: 7 Votes
20 months ago
Let me guess: It's from China or a Taiwan proxy?
Rating: 4 Votes
20 months ago

You do know that many Anonymous members are from the US, right? Not to mention 4chan. Oh, and the US gov conducts attacks on other nations.


China funds attacks on US companies. It was on the news recently that they take college graduates and put them to hacking work. The US does hacking for military/anti-terrorism reasons. Anonymous... I don't know, they could be anywhere.

Proof of concept: I blocked China and the rest of eastern Asia from my website. Without exaggeration, hacking attempts have decreased by 99%. If I could, I'd make my router block that area on all ports for incoming packets.

----------

wow, these guys are 1337 h@x0r. I remember when I discovered this a year ago when iMessages were still new.

n00bs


ß3$† çømm3ñ† h3®3
Mostly because I like making fun of people who use 1337$p33k.
Rating: 4 Votes
20 months ago

Apple is really pathetic these days - slow to respond to anything basically. SJ has left for good and the ship is sinking fast.


Yes, basically nothing bad happened when SJ was at the helm. :rolleyes:
Rating: 3 Votes

[ Read All Comments ]