A simple sequence of three character-long text message containing Emoji can cause the block and the reboot os iPhones and iPads running iOS 10.1 or below.
A new Apple’s iOS bug was discovered in the community of mobile tech experts, it can be exploited to crash iPhone or iPad devices by just sending an Emoji text message.
Several users are already reporting the issue and the popular YouTube EverythingApplePro published a video proof-of-concept for the bug. In the video is reported an example of the sequence of characters that temporarily freeze an iPhone causing the device restarting.
The sequence is composed of a white Flag emoji, the digit “0” and a Rainbow emoji. The issue is linked to the way that iOS creates the rainbow flag emoji that is not an official emoji, Apple creates the rainbow flag Emoji by combining the code behind the two white flag and rainbow emoji. Apple iOS joins them by using a hidden character known as a VS16. The iPhone attempts to combine the two emoji, but is unable to because of the zero in the middle.
There are also other ways to crash the Apple mobile device, another hack leverages the same characters used in a contact file that is sent to an iMessage contact via the iCloud’s sharing feature.
“Both the methods mentioned above will crash and iPhone or iPad to varying degrees, although the simple text string sent via a standard iMessage appears to affect iPhones and iPads running iOS 10.1 or below.” reported The Hacker News. “However, the boobytrapped contact card affects all versions of iOS 10, including Apple’s latest iOS 10.2 operating system.”
Users have to upgrade their version to the last one in order to prevent such kind of attacks.
In November the EverythingApplePro reported that most of the Apple devices were crashing when the owners play a video. An iPhone-freezing video circulated online, when users played it in the Safari browser the iPhones slow down until they stop working altogether.
The iPhone-freezing video was first discovered by EverythingApplePro, it is a short .mp4 clip of someone standing by a bed with the words “Honey” written across the screen.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.