Apple has patched iMessage to address a vulnerability that allowed a malicious hacker to steal a user’s chat history and MMS media remotely by sending a single link. If the user clicked the link, which is a URL made up of JavaScript commands, their data would be transmitted to the hacker’s server, with no way of reversing the process.
iMessage executes Javascript URLs. What is this clown show. https://t.co/lxuAIutKaO
— Matthew Green (@matthew_d_green) April 8, 2016
The attacks focused on the iMessage client for OS X, but could also work against any iPhone user who had turned SMS forwarding on, according to The Verge.
The bug was discovered by Joe DeMesy, Shubham Shah and Matthew Bryant (Uber Security Team), who reported the iMessage vulnerability to Apple before anybody malicious could use the cross-site scripting bug for nefarious purposes.
Apple fixed the bug in March 2016; the vulnerability is tracked as CVE-2016-1764. For technical details on how the attack could have been carried out, make sure to watch the video below or read this blog post on Bishop Fox.
The trio of researchers conclude on a worthwhile point: URLs can do real damage to a computer system, yet many people assume they are harmless, which is far from the truth.
So the best bet is to treat URLs like candy: If they’re coming from a stranger, just say no.
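For developers of chat clients, the defensive lesson of this bug class is to parse every received link and allowlist its scheme before making it clickable. The sketch below is an added example, not Apple's or the researchers' code; the function names, the sample strings and the naive prefix check shown for contrast are all constructed for illustration.

```javascript
// Added example: names and sample inputs are hypothetical/constructed.
const ALLOWED_SCHEMES = new Set(["http:", "https:"]);

// Weak check, shown only for contrast: a literal prefix blocklist.
// It misses mixed case, leading whitespace and embedded tab characters.
function naiveIsSafe(candidate) {
  return !candidate.startsWith("javascript:");
}

// Hardened check: returns a normalized href when the text may be rendered
// as a clickable link, or null when it must be shown as inert plain text.
function safeHref(candidate) {
  if (typeof candidate !== "string") return null;
  let url;
  try {
    // The WHATWG URL parser lowercases the scheme, trims leading/trailing
    // whitespace and strips tabs/newlines, so the scheme is evaluated the
    // same way a browser engine would evaluate it.
    url = new URL(candidate);
  } catch {
    return null; // relative or unparseable text is never auto-linked
  }
  return ALLOWED_SCHEMES.has(url.protocol) ? url.href : null;
}

// Constructed sample messages.
const SAMPLES = [
  "https://example.com/a?b=1",
  "javascript:alert(1)",
  "JaVaScRiPt:alert(1)",
  " java\tscript:alert(1)",
  "data:text/html,hello",
  "example.com/page",
];

// Compare both checks across the samples.
function audit(samples) {
  return samples.map((s) => ({
    input: s,
    naiveAccepts: naiveIsSafe(s),
    href: safeHref(s),
  }));
}

for (const row of audit(SAMPLES)) {
  console.log(JSON.stringify(row));
}
```

Anything for which `safeHref` returns null should be displayed as plain text rather than passed to the rendering engine as a link.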