Saturday, March 30, 2013

Selected Apple iMessage users hit by DDoS attack, forcing iOS app crash

Selected Apple iMessage users hit by DDoS attack, forcing iOS app crash

iMessage proving vulnerable to attack

A group of iOS developers and hackers are reporting they've become the target of a malicious attack which overwhelms the Apple iMessage application with spam texts.

The attack, which appears to be confined to those directly targeted, sends messages (claiming to be from Anonymous) in such a large volume that the recipient is constantly receiving notifications.

The next level is to send a single 'Zaglo text' so large in size that the iOS iMessage app cannot cope with the load and crashes.

As Apple's iMessage app does not limit how fast texts can be sent, and does not allow users to block senders, there's no mechanism in place to prevent their instant delivery.

Motivation?

This constitues a new kind of DDoS attack, the kind of which we've seen hackers and online activists use to bring down government websites in the past couple of years.

The iMessage pranksters' motivation isn't totally clear at present, but The Next Web reports that the attack originated from a Twitter account "involved in selling UDIDs, provisioning profiles and more that facilitate in the installation of pirated App Store apps which are re-signed and distributed."

The report suggests that the attack was conducted using AppleScript to set up and send the overwhelming number of messages using the OS X iMessage client, something one victim said was extremely easy to do.

iOS developer Paul Grant told The Next Web: "What's happening is a simple flood: Apple doesn't seem to limit how fast messages can be sent, so the attacker is able to send thousands of messages very quickly."

Apple has been notified of the issue, but is yet to comment.


Source : http://www.techradar.com/news/computing/apple/selected-apple-imessage-users-hit-by-ddos-attack-forcing-ios-app-crash-1141657

0 comments:

Post a Comment