PDA

View Full Version : Denial of Service Prank Crashing iMessage App for Targeted Developers




MacRumors
Mar 29, 2013, 07:44 PM
http://images.macrumors.com/im/macrumorsthreadlogo.gif (http://www.macrumors.com/2013/03/29/denial-of-service-prank-crashing-imessage-app-for-targeted-developers/)


The Next Web is reporting (http://thenextweb.com/apple/2013/03/29/imessage-denial-of-service-prank-spams-users-rapidly-with-messages-crashes-ios-messages-app/) that a group of iOS developers has been targeted with a series of rapid-fire messages on iMessage, creating a sort of denial-of-service (DoS) attack that crashes the iMessage app.

Grant Paul, one of the targeted iOS developers explains how the attack worked:
"What's happening is a simple flood: Apple doesn't seem to limit how fast messages can be sent, so the attacker is able to send thousands of messages very quickly," Paul says.

The second part of that, he explains, is that if a user sends a 'complex' text message using unicode characters that force a browser to render 'Zalgo' text (http://stackoverflow.com/questions/6579844/how-does-zalgo-text-work), or simply uses a message that is enormous in size, them the Messages app will eventually crash as it fails to display it properly. This will effectively 'break' the Messages app on*iOS by forcing it to close and stop it from re-opening because it can't render that text."iH8sn0w, an iOS jailbreak tool and app developer, showed TNW (http://thenextweb.com/apple/2013/03/29/imessage-denial-of-service-prank-spams-users-rapidly-with-messages-crashes-ios-messages-app/) a proof-of-concept AppleScript that would be able to*create the barrage of iMessages. A potential spammer would only need a person's email address and the AppleScript to engage in the attack, especially after Apple unified phone numbers and email addresses in iOS 6.*

http://images.macrumors.com/article-new/2013/03/imessagedos.png
Currently, there is no way to block particular senders in iMessage, though iH8sn0w said it should be possible for Apple to notice the bursts of messages and block them as repetitive spamming. Victims can also disable iMessage entirely.

It's not clear who initiated the attack, nor why these developers were targeted, though it appears the attacks are merely a prank.

Article Link: Denial of Service Prank Crashing iMessage App for Targeted Developers (http://www.macrumors.com/2013/03/29/denial-of-service-prank-crashing-imessage-app-for-targeted-developers/)



scapegoat81
Mar 29, 2013, 07:48 PM
Beat me to it. I was just getting ready to post this.....

Speedy2
Mar 29, 2013, 07:54 PM
I find it highly surprising that Apple has not put preemptive measures in place to prevent obvious iMessage spam (e.g. extremely high number of messages in a short time).

komodrone
Mar 29, 2013, 07:54 PM
Daft Punk's viral marketing at work for their new album.

DayOfChaos
Mar 29, 2013, 07:55 PM
Great, can't wait for character limits, time limits, verifications and heck put in captcha codes as well.

SomeDudeAsking
Mar 29, 2013, 07:56 PM
Apple can't do services well, or for that matter security either: http://www.theverge.com/2013/3/29/4158594/password-denied-when-will-apple-get-serious-about-security

And it seems like the only way to fix this attack is to completely wipe your iPhone and install every thing from scratch. Even a backup can still have the attack messages that crash iMessage.

Weegee1
Mar 29, 2013, 07:58 PM
Let me guess: It's from China or a Taiwan proxy?

thaifood
Mar 29, 2013, 07:59 PM
I've noticed this before when I've been spammed massive text messages from friends just to be silly. It locked up the app entirely and attempted to open that particular message string would freeze the app for a number of time until it defaults back to the message list.

Alternatively, if you attempt to open the offending string and and leave it open, the message will eventually be processed and open to allow deletion. This can take a few hours though depending on the amount of data sent

SomeDudeAsking
Mar 29, 2013, 08:03 PM
Let me guess: It's from China or a Taiwan proxy?

You do know that many Anonymous members are from the US, right? Not to mention 4chan. Oh, and the US gov conducts attacks on other nations.

Peace
Mar 29, 2013, 08:07 PM
Wouldn't these have to come from an iDevice ?

WordMasterRice
Mar 29, 2013, 08:08 PM
Wouldn't these have to come from an iDevice ?

Not for the last year + that iMessage has been available on OSX

Peace
Mar 29, 2013, 08:12 PM
Not for the last year + that iMessage has been available on OSX

Ahhh. You're correct.

Hackintosh community.

Jerks.

SomeDudeAsking
Mar 29, 2013, 08:13 PM
Ahhh. You're correct.

Hackintosh community.

Jerks.

Not much hacking here, just copy and paste a message until it is big.

Peace
Mar 29, 2013, 08:15 PM
Not much hacking here, just copy and paste a message until it is big.

I didn't say there was any hacking. I said it probably came from the hackintosh community.

They are lesser than script kiddies.

impulse462
Mar 29, 2013, 08:18 PM
People will take you more seriously now Anonymous!

SomeDudeAsking
Mar 29, 2013, 08:23 PM
I didn't say there was any hacking. I said it probably came from the hackintosh community.

They are lesser than script kiddies.

Why does it have to be from the "hackintosh community"? Anyone can carry out this iMessage attack its so simple.

shahin90
Mar 29, 2013, 08:23 PM
I have seen the same exact signature ending with the "expect us" in this torrent: redacted

Peace
Mar 29, 2013, 08:30 PM
Why does it have to be from the "hackintosh community"? Anyone can carry out this iMessage attack its so simple.

Why ? Because its my opinion. We all have them

;)

"The attacks hit at least a half-dozen iOS developer and hacker community members that we know of now, and appear to have originated with a Twitter account involved in selling UDIDs, provisioning profiles and more that facilitate in the installation of pirated App Store apps which are re-signed and distributed"

macsrcool1234
Mar 29, 2013, 08:58 PM
Ahhh. You're correct.

Hackintosh community.

Jerks.

This comment wins for most ridiculous comment I have ever seen on Macrumors and that's saying something.


How do you people think this %!?# up?

SgtPepper12
Mar 29, 2013, 09:04 PM
You do know that many Anonymous members are from the US, right? Not to mention 4chan. Oh, and the US gov conducts attacks on other nations.
Anonymous members? 4chan?
I don't think you know what you're talking about.

CGagnon
Mar 29, 2013, 09:14 PM
wow, these guys are 1337 h@x0r. I remember when I discovered this a year ago when iMessages were still new.

n00bs

lunaoso
Mar 29, 2013, 09:21 PM
I guarantee you a story will come out in a day that the national database has been hacked, but everyone will be talking about how their life is ruined because their messages app on their iPhone is destroyed. :p

Peace
Mar 29, 2013, 09:29 PM
This comment wins for most ridiculous comment I have ever seen on Macrumors and that's saying something.


How do you people think this %!?# up?

You haven't been around long. I've made much worse comments.

Read the story man. It tells you who did it.

I even quoted it.

Plutonius
Mar 29, 2013, 09:36 PM
The Chinese government strikes again :D.

Weegee1
Mar 29, 2013, 10:43 PM
You do know that many Anonymous members are from the US, right? Not to mention 4chan. Oh, and the US gov conducts attacks on other nations.

China funds attacks on US companies. It was on the news recently that they take college graduates and put them to hacking work. The US does hacking for military/anti-terrorism reasons. Anonymous... I don't know, they could be anywhere.

Proof of concept: I blocked China and the rest of eastern Asia from my website. Without exaggeration, hacking attempts have decreased by 99%. If I could, I'd make my router block that area on all ports for incoming packets.

----------

wow, these guys are 1337 h@x0r. I remember when I discovered this a year ago when iMessages were still new.

n00bs

3$ mm3 h33
Mostly because I like making fun of people who use 1337$p33k.

goobot
Mar 29, 2013, 10:43 PM
Haha, i did this once to my cousin over a year ago and his whole phone crashed.

cclloyd
Mar 29, 2013, 11:52 PM
Great, can't wait for character limits, time limits, verifications and heck put in captcha codes as well.

To send an iMessage:
Step 1: Type your message and hit send
Step 2: Put your thumb in the middle of the screen to scan your print
Step 3: Type captcha image
Step 4: Say your verification phrase
Step 5: Take selfie of yourself for face verification
Step 6: Offer 1oz. of blood for dna verifications
Step 7: Repeat until you die of blood loss.

ArtOfWarfare
Mar 30, 2013, 12:31 AM
Great, can't wait for character limits, time limits, verifications and heck put in captcha codes as well.

Character and message limits could easily be placed high enough that you'd never notice them except when spamming someone.

locoboi187
Mar 30, 2013, 01:00 AM
You do know that many Anonymous members are from the US, right? Not to mention 4chan. Oh, and the US gov conducts attacks on other nations.

You do know when he said "china or taiwan proxy" he meant that the group can make it seem like the attacks are coming from a different country, right?

Anti-Lucifer
Mar 30, 2013, 01:03 AM
Apple is really pathetic these days - slow to respond to anything basically. SJ has left for good and the ship is sinking fast.

Simplicated
Mar 30, 2013, 01:29 AM
Apple is really pathetic these days - slow to respond to anything basically. SJ has left for good and the ship is sinking fast.

Yes, basically nothing bad happened when SJ was at the helm. :rolleyes:

fraggot
Mar 30, 2013, 02:45 AM
Any chance this is related? I've been getting this a lot lately.

LeiQQ
Mar 30, 2013, 02:55 AM
China funds attacks on US companies. It was on the news recently that they take college graduates and put them to hacking work. The US does hacking for military/anti-terrorism reasons. Anonymous... I don't know, they could be anywhere.

Proof of concept: I blocked China and the rest of eastern Asia from my website. Without exaggeration, hacking attempts have decreased by 99%. If I could, I'd make my router block that area on all ports for incoming packets.

----------



3$ mm3 h33
Mostly because I like making fun of people who use 1337$p33k.

Ok. So block half the world from your site? Solved your hacking problem but no one can access your site. Well guess that's fine if your site is not relevant to half the world.

----------

You do know when he said "china or taiwan proxy" he meant that the group can make it seem like the attacks are coming from a different country, right?

Exactly.

I'm from the USA but live in Taiwan. Netflix and a number of other sites and apps block me. I just use tools to change my IP.

ConCat
Mar 30, 2013, 03:39 AM
How terrible does a server admin have to be to not be able to handle a simple DDOS attack? Even consumer routers handle that these days... It's studied in freakin college for heaven sake!

iphone495
Mar 30, 2013, 07:41 AM
Any chance this is related? I've been getting this a lot lately.

It appears that 7535 is Att's number. Would it be possible that you exceeded your monthly 3G allowance and they were just trying to warn you? Check with Att and see what they say. Also this is not an iMessage, it's just a regular text, like I said, most likely from Att.

Ingot
Mar 30, 2013, 08:14 AM
Any chance this is related? I've been getting this a lot lately.

This is a recipe for a kick ass chop suey. Tried it last night.

Shrink
Mar 30, 2013, 08:20 AM
Apple is really pathetic these days - slow to respond to anything basically. SJ has left for good and the ship is sinking fast.

Um...I hesitate to mention this, as it might come as a shock, but SJ left quite a while ago... for good.

Really gone.

Not with us any more.

Departed.

I suggest you give up on SJ...;)

:rolleyes:

Squilly
Mar 30, 2013, 08:23 AM
Um...I hesitate to mention this, as it might come as a shock, but SJ left quite a while ago... for good.

Really gone.

Not with us any more.

Departed.

I suggest you give up on SJ...;)

:rolleyes:
But he lives on in anime! :D

DesertEagle
Mar 30, 2013, 08:28 AM
If it's unknown why the devs were targeted, I strongly doubt that Anonymous stands behind. Anonymous are hacking activists, not script-kiddie-pranksters, and they have seldom (if ever) attacked random targets without reason.

rnizlek
Mar 30, 2013, 10:13 AM
Any chance this is related? I've been getting this a lot lately.

This could be a long shot, but I ran into this once when someone who had a basic phone with push to talk enabled upgraded to an iPhone without first disabling PTT with AT&T. Apparently, AT&T's PTT system pushes updates via text message. But give them a call - there's some service on your account that's sending those messages.

mrxak
Mar 30, 2013, 11:21 AM
Please. There is no Anonymous. Anyone can claim to be them, use a few of their pretentious catchphrases, and suddenly oh noes, it's Anonymous!

You really think that there's not a wide variety of individuals and groups with all kinds of diverse aims and beliefs claiming to be Anonymous right now? If I was a hacker, I'd probably call myself Anonymous too, no matter what I was doing or why. If it confuses the authorities or makes me sound more important with "legion" support, why not?

alphaod
Mar 30, 2013, 01:05 PM
Let me guess: It's from China or a Taiwan proxy?

Yeah traced all the way back to the US government.

Ecofriend
Mar 30, 2013, 01:57 PM
How terrible does a server admin have to be to not be able to handle a simple DDOS attack? Even consumer routers handle that these days... It's studied in freakin college for heaven sake!

If you didn't see on the news lately, DDoS attacks are being used to larger effects now. Large enough attacks are being generated to slow the Internet in large area. I find it hard to believe that for now, anyone can prevent themselves from falling prey to a DDoS attack if the attacker has his mind set.

Seandroid
Mar 30, 2013, 02:37 PM
I had a friend accidentally do this to me as a joke, but there is a way to solve it, at least, it worked for me.

Add the number/email they came from as a contact. Then, go into Contacts -> their contact -> Send Message.

This will pull up the conversation with them that causes the messages app to crash.

Then, go back to the conversation window by tapping the back button in the upper right. The conversation view should still load.

Swipe across their conversation to delete it.

If anybody has been affected by this, let me know if it works.

vigorblade
Mar 30, 2013, 02:55 PM
It's not even April yet.

ekdor
Mar 30, 2013, 04:11 PM
It maliciousness, how can it be seen as a "prank". Don't ever make lite of this kind of activity.

IJ Reilly
Mar 30, 2013, 05:56 PM
Please. There is no Anonymous. Anyone can claim to be them, use a few of their pretentious catchphrases, and suddenly oh noes, it's Anonymous!

You really think that there's not a wide variety of individuals and groups with all kinds of diverse aims and beliefs claiming to be Anonymous right now? If I was a hacker, I'd probably call myself Anonymous too, no matter what I was doing or why. If it confuses the authorities or makes me sound more important with "legion" support, why not?

Being anonymous means never having to say who you are.

----------

I had a friend accidentally do this to me as a joke, but there is a way to solve it, at least, it worked for me.

Add the number/email they came from as a contact. Then, go into Contacts -> their contact -> Send Message.

This will pull up the conversation with them that causes the messages app to crash.

Then, go back to the conversation window by tapping the back button in the upper right. The conversation view should still load.

Swipe across their conversation to delete it.

If anybody has been affected by this, let me know if it works.

Would deleting the saved state for iMessage do the same thing?

szw-mapple fan
Mar 30, 2013, 08:53 PM
To send an iMessage:
Step 1: Type your message and hit send
Step 2: Put your thumb in the middle of the screen to scan your print
Step 3: Type captcha image
Step 4: Say your verification phrase
Step 5: Take selfie of yourself for face verification
Step 6: Offer 1oz. of blood for dna verifications
Step 7: Repeat until you die of blood loss.


That's a bit radical. It should be like this:
Step 6: Offer 1 hair for dna verifications
Step 7: Repeat until you are bald.

vmistery
Mar 31, 2013, 03:06 AM
An interesting problem. I guess the first thing to do would be for Apple to do some rate limiting. All sorts you could do with that. I can't imagine they would want to scan every message for problems as I imagine that would put a massive strain on servers. Unless they do some client side verification.

Bako-MacAddict
Mar 31, 2013, 04:08 AM
Daft Punk's viral marketing at work for their new album.

Lol, nice

nt5672
Mar 31, 2013, 07:56 AM
Character and message limits could easily be placed high enough that you'd never notice them except when spamming someone.

I thought we lived in an 140-character-message world now. Why in the world would any self respecting tech giant allow more than that. :rolleyes:

sik08amg
Mar 31, 2013, 07:59 AM
Apple needs to implement something in iMessage that allows you to block messages from particular people. I think we will see expansion on do not disturb in iOS 7. I iBlacklist figured it out, and was helpful preventing repeat texts from advertising firms..

DayOfChaos
Mar 31, 2013, 09:39 AM
To send an iMessage:
Step 1: Type your message and hit send
Step 2: Put your thumb in the middle of the screen to scan your print
Step 3: Type captcha image
Step 4: Say your verification phrase
Step 5: Take selfie of yourself for face verification
Step 6: Offer 1oz. of blood for dna verifications
Step 7: Repeat until you die of blood loss.

That made me happy. :)

klamse25
Mar 31, 2013, 12:39 PM
Ahhh. You're correct.

Hackintosh community.

Jerks.

Are you aware what the hackintosh community even is? It's a community dedicated to getting OS X running on non-Apple x86 machines. Please don't misuse this word. Thanks

slu
Mar 31, 2013, 03:05 PM
Will people please stop quoting and responding to Peace? It makes my ignore list useless. Thanks.

Bo98
Mar 31, 2013, 04:54 PM
That's a bit radical. It should be like this:
Step 6: Offer 1 hair for dna verifications
Step 7: Repeat until you are bald.

You would be screwed if you made a typo in the message and only noticed after you sent it.

ski4ever
Mar 31, 2013, 06:55 PM
This can be easily recreated by sending a single long iMessage with copy and pasted emojis. It will freeze the messages app and you won't be able to open it at all. To fix, just go to a contact and click send message, then cancel the message. You will be taken to message list and just delete the long message. Pretty funny prank.

szw-mapple fan
Mar 31, 2013, 08:30 PM
You would be screwed if you made a typo in the message and only noticed after you sent it.

Don't worry. Apple will offer iRegrowHair Lotion at $999/bottle coming in super light and thin Aluminum and glass cases (It's magical!).

iGrip
Mar 31, 2013, 09:43 PM
Ahhh. You're correct.

Hackintosh community.

Jerks.

Those are the same sort who jailbreak Apple's phones and tablets.

ConCat
Mar 31, 2013, 11:52 PM
If you didn't see on the news lately, DDoS attacks are being used to larger effects now. Large enough attacks are being generated to slow the Internet in large area. I find it hard to believe that for now, anyone can prevent themselves from falling prey to a DDoS attack if the attacker has his mind set.

It depends on how the DDoS attack is structured. This kind of repeating message can easily be stopped by a little bit of spam prevention code. Quite frankly, I'm surprised iMessage doesn't work that way.

szw-mapple fan
Apr 2, 2013, 03:08 AM
Why this appears on the mac blog rather than the ios blog is beyond me.:confused:

fraggot
Apr 16, 2013, 11:20 AM
It appears that 7535 is Att's number. Would it be possible that you exceeded your monthly 3G allowance and they were just trying to warn you? Check with Att and see what they say. Also this is not an iMessage, it's just a regular text, like I said, most likely from Att.

I actually go over my Data Limit pretty often, I miss having unlimited a lot. But usually those texts come to me just fine, they also email me as well to let me know.

So usually if I get those, I get an email at the exact same time. So I'm unsure but I will contact AT&T and ask them.

thatgirl87
Apr 20, 2013, 07:36 AM
I just got those messages this morning. I had to turn off me and my brother's iMessages.