Newfound iMessage security issue spams, crashes app

A reported attack method can target Apple's iMessage service and flood it with messages. So far it remains highly isolated.


Apple's nearly year-and-a-half old iMessage service has been found to be vulnerable to an attack that uses a flood of messages, or messages so long that the application is rendered unstable.

According to a report from The Next Web, a small group of developers have found themselves the target of an attack that does one of those things -- sending what could be thousands of messages.

The source is suspected to be someone with involvement in pirated iOS software, who could have gotten some basic information needed to send another user a message through Apple's messaging service, The Next Web says. That same individual (or group of individuals) is also said to be using throwaway e-mail accounts, making it difficult to trace it back or block future attacks.

CNET has contacted Apple for more information about the issue, and will update this post when we know more.

iMessage is Apple's proprietary messaging platform used between iOS devices, as well as Macs, replacing the need to use text messages on the former. The feature was added in iOS 5, and into Mac OS X in version 10.8 Mountain Lion inside of the Messages app. Apple said in January that its users were now sending more than 2 billion messages on the services each day.

The exploit, which The Next Web says can be set up using AppleScript, comes on the heels of a security holefound on Apple's password reset tool late last week. Apple took the service down for several hours before it was repaired.

Featured Video
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

The WRT1900ACS is Linksys' new best Wi-Fi router to date

CNET editor Dong Ngo compares the new WRT1900ACS and the old WRT1900AC Wi-Fi routers from Linksys. Find out which one is better!

by Dong Ngo