iPhone users should update iOS to the latest version

May 29, 2015 12:09 GMT

A proof-of-concept web application is available that lets anyone exploit a vulnerability in iOS versions up to 8.2 that causes mobile devices to crash upon receiving a carefully crafted text message.

The service was named Kill My iPhone and it is the creation of John Pacific, a programmer at XMission (an Internet Service Provider in Utah).

PoC can be tested only on phones in the US

He released the app with a disclaimer that it should be employed only with the permission of the phone owner the message is directed to, and he does not take any responsibility for any damage caused by the service.

Pacific notes that the exploit works only if notifications are enabled on the iPhone. Also, it works with US phone numbers only.

The bug leveraged by the application is tracked as CVE-2015-1063 and its discovery is credited to Swedish researcher Roman Digerberg. It affects iPhone 4s, iPod Touch 5th generation, iPad 2 and all later models. Apple fixed it with the release of iOS 8.2, on March 9, 2015.

The messages causing the crash are not regular ones, but Flash SMS, also called Class 0 SMS; the abuse can occur on unpatched devices because CoreTelephony, the framework managing telephony-related tasks on iOS, fails to handle them properly. Apple corrected the problem by improving the message validation procedure.
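As an added illustration (not Apple's fix and not code from Kill My iPhone), the sketch below shows what strict validation of an incoming SMS-DELIVER header can look like on a gateway or test bench: every field is bounds-checked and the message class is decoded from the TP-DCS octet, so Class 0 messages can be flagged. The field layout follows 3GPP TS 23.040 and TS 23.038; the function names and the sample PDU (fictional sender number) are constructed for this example.

```python
class PduError(ValueError):
    """TPDU is truncated or structurally invalid."""

def message_class(dcs):
    """Return the message class (0-3) carried in TP-DCS, or None if it has none."""
    group = dcs >> 4
    if group <= 0x7:                      # general data coding / auto-deletion groups
        return dcs & 0x03 if dcs & 0x10 else None  # bit 4 set: class bits are valid
    if group == 0xF:                      # data coding / message class group
        return dcs & 0x03
    return None                           # reserved and message-waiting groups

def uses_septets(dcs):
    """True when TP-UDL counts 7-bit septets rather than octets."""
    group = dcs >> 4
    if group <= 0x7:                      # uncompressed, GSM 7-bit (or reserved) alphabet
        return not (dcs & 0x20) and ((dcs >> 2) & 0x03) in (0, 3)
    if group == 0xF:
        return not (dcs & 0x04)
    return group != 0xE                   # 0xE is the UCS2 message-waiting group

def parse_sms_deliver(tpdu):
    """Validate an SMS-DELIVER TPDU (without SMSC prefix); return header fields."""
    pos = 0
    def take(n):
        nonlocal pos
        if pos + n > len(tpdu):
            raise PduError(f"truncated at offset {pos}, need {n} more octet(s)")
        pos += n
        return tpdu[pos - n:pos]
    if take(1)[0] & 0x03:                 # TP-MTI must be 00 (SMS-DELIVER)
        raise PduError("not an SMS-DELIVER")
    oa_digits = take(1)[0]                # TP-OA length, in semi-octets
    if oa_digits > 20:
        raise PduError("originating address too long")
    take(1 + (oa_digits + 1) // 2)        # type-of-address + BCD digits
    pid, dcs = take(2)
    take(7)                               # TP-SCTS timestamp
    udl = take(1)[0]
    expected = (udl * 7 + 7) // 8 if uses_septets(dcs) else udl
    if expected > 140 or len(tpdu) - pos != expected:
        raise PduError("TP-UDL does not match user data length")
    cls = message_class(dcs)
    return {"pid": pid, "dcs": dcs, "msg_class": cls, "flash": cls == 0}

# Constructed sample: sender +15555550100, DCS 0x10 (Class 0), two-septet body "hi".
SAMPLE = bytes.fromhex("040B91" "5155550501F0" "00" "10" "51509221900000" "02" "E834")
```

Calling `parse_sms_deliver(SAMPLE)` reports `flash: True`; the same PDU with the DCS octet set to `0x00` parses as an ordinary message with no class.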

Anti-abuse measures implemented

Although John Pacific makes the Kill My iPhone app freely available, he implemented some mechanisms to keep a bad actor from abusing it for denial-of-service attacks, targeted or not.

As such, sending an iPhone-crashing message requires solving a captcha, which changes at certain intervals; the user may sometimes have to spend some time to get the right answer.

Apart from this, the developer enforces a cooldown period of three minutes, which prevents users from firing off multiple messages in quick succession.

Unrelated to this bug, Apple is currently in the process of patching another recently discovered message-related flaw, which can cause both the Messages app and the iDevice to crash.

Until a fix is released, the company issued a workaround for restoring the activity of Messages:

1. Ask Siri to "read unread messages."
2. Use Siri to reply to the malicious message. After you reply, you'll be able to open Messages again.
3. In Messages, swipe left to delete the entire thread. Or tap and hold the malicious message, tap More, and delete the message from the thread.