Strange iPhone behaviour

[Findthepin1]

My iPhone has been acting strange as of late. I received a text from a friend that they had no recollection of sending. Later my iPhone sent the same text to someone else while supposedly turned off. Safari has been crashing randomly since I got the text and the phone is draining more power than it should.

The text was as follows:

effective.

Power

Ù„ÙÂÙ„ÙÂصّبÙÂÙ„ÙÂلصّبÙÂررً ॣ ॣh ॣ ॣ

冗

I am using an iPhone 5 with iOS 7.1.2 and/or version 11D257. Is this iPhone activity a virus?

[Fel]

http://www.al.com/news/index.ssf/2015/05/specific_text_message_can_cras.html

Cool ;p

[Kryten]

The text message is one that can cause your phone to reboot after receiving and/or sending it due to a glitch in iOS unicode handling. The glitch shouldn't cause long-term issues or cause your phone to send the message itself, so it seems you have a virus set up to exploit it.

[Fel]

The text message is one that can cause your phone to reboot after receiving and/or sending it due to a glitch in iOS unicode handling. The glitch shouldn't cause long-term issues or cause your phone to send the message itself, so it seems you have a virus set up to exploit it.

A small part of that text message is the issue, but it is very possible that the rest of it could have dirty code. The "ل ॣ ॣ" is said to be the only code needed, so why the rest? Unless it actually is an assembly command and is using the crash to gain higher permissions.

Remember, overflow attacks are the strongest tool in a virus maker's arsenal.

[Kryten]

That whole message up there is the one that went viral, if it lead to these kind of issues on it's own it'd be well documented.

[Fel]

That whole message up there is the one that went viral, if it lead to these kind of issues on it's own it'd be well documented.

"Many Eyes" has been disproved a million times over. People have determined that it causes a crash, and they've determined that the key factor in causing the crash is a particular string in the unicode. They did NOT verify it was not malicious code. The problem is, "Many Eyes" is false security because it really is about removing the necessity for you to act securely from the picture. You believe that there are "Many Eyes" checking something and thus you don't check it, you put faith in others and then we go from "Many Eyes" to "few eyes".... even on the whole "Many Eyes" being done as intended, you assume people actually are verifying in a rigorous manner, especially with the use of a debugger. The underhanded C contest is enough to show how "Many Eyes" are easily blinded.

The only testing being done is to discover how it worked, not what else it did. Apple wouldn't be one to admit they had a virus when they can cover it up and save face in PR; the people figuring it out don't even describe using a professional environment and are throwing mud and seeing what sticks.

I say again, overflows are extremely powerful tools in a virus maker's arsenal. Yes the overflow caused the crash, but did it cause anything else?

Edited June 22, 2015 by Fel

[Kryten]

What I mean is that nobody else is reporting the subsequent battery issues or the message being sent on, at least in large enough numbers to show up in the first few pages of Google.

[Fel]

What I mean is that nobody else is reporting the subsequent battery issues or the message being sent on, at least in large enough numbers to show up in the first few pages of Google.

It could be a sleeper that just activated; or only fully work under a unique set of conditions.

These things really are more dangerous than people treat them.

[LordFerret]

There were several articles on this a few weeks back which fully documented what was happening and why, it's entirely due to the way unicode was being handled and nothing more... people have been sending it out all over the place in light of playing jokes on friends. Go further back in Google and you will find the articles - this is actually old news.