Published April 02, 2013
iOS hacks are nothing new, but there are ways to crash the system without complicated exploits or intimate programming knowledge. By taking advantage of weaknesses in Apple's endemic iMessage system, some lads of ill repute have discovered a way to spam users until their phones lock up. iMessage is a text messaging service for users of Macs, iPhones and iPads, although this behavior only poses a threat to iOS devices.
Information comes by way of a number of software experts active in the iOS development and hacking scenes. Griefers (online users who act within the rules to harass others) can develop a simple script to flood an iMessage inbox with a constant stream of nonsense messages.
Usually, this behavior just creates an incredible nuisance, since it clogs a user's device with nonstop notifications and resulting noises. However, even iMessage has limits. Some messages include unusual characters (such as complicated emoticons) that require a special kind of text rendering.
Spamming messages with these characters can cause a device to lock up from apoplectic processing. Even restarting the device may not help right away, since the messages will continue to come at a fast and furious pace, and the device must still render whatever came while the device was turned off. Even if the device does not freeze, receiving a massive amount of spam messages can be a colossal waste of valuable data plan money.
"What’s happening is a simple flood," Grant Paul, an iOS developer, told TNW. "Apple doesn’t seem to limit how fast messages can be sent, so the attacker is able to send thousands of messages very quickly." [See also: Five Apple Security Myths and the Hard Truths]
Since the attack cannot permanently damage systems or steal any information, everyday users are unlikely to find themselves on the receiving end of unprovoked attacks. However, if you maintain a public profile or have recently angered someone, your tormentor may find that this is an easy way to pester you with little programming skill and almost no stakes.
Apple may address this problem and add some kind of anti-spam protections into iMessage, but until then, the most practical solution is to turn the program off altogether if you've been affected. If not, you probably don't have much to worry about, but keep an eye on who has your iMessage contact information.