chaiOS Attack Crashes iMessage on macOS and iOS
Security researcher Abraham Masri has discovered a bug known as chaiOS. This new issue is reminiscent of the old Effective Power bug found back in 2015. Like its predecessor, chaiOS allows someone to send a “text bomb” to the iMessage app, causing it to freeze or crash.
Unlike Effective Power, the chaiOS attack works not only on iOS but also on macOS. According to researchers from Yalu Jailbreak, iMessage is vulnerable on macOS High Sierra, iOS 10 through 10.3.3, and iOS 11 through 11.2.1. Masri confirmed that the bug affects devices ranging from the iPhone 5S to the iPhone X.
How the Attack Works
The attack is extremely simple to execute: the attacker sends the victim a link to a website hosting a malicious file. This file contains hundreds of thousands of useless characters in its metadata. When iMessage tries to load the link and preloads its content, the app can’t handle it and either crashes, becomes extremely laggy, or in some cases, freezes the entire system.
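A defensive sketch for software that builds link previews, added here as an example and not code from Apple, Masri, or the original article: it parses only a bounded prefix of the page and refuses to build a preview when title or meta values exceed a size budget. The limits, the function names, and the assumption that the padding sits in HTML `<title>`/`<meta>` values are illustrative; the article only says the characters are in the file's metadata.

```python
from html.parser import HTMLParser
# Assumed limits; tune them to what the preview UI can actually display.
MAX_DOC_CHARS = 512_000    # only this much of the page is ever parsed
MAX_FIELD_CHARS = 2_048    # longest single title/meta value accepted
MAX_TOTAL_CHARS = 16_384   # budget across all metadata on one page

class OversizedMetadata(Exception):
    """Raised when page metadata exceeds the preview budget."""

class _MetaParser(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.fields, self.total, self._in_title = {}, 0, False

    def _store(self, key, value):
        # Repeated keys are merged so a value split across tags cannot dodge the cap.
        merged = self.fields.get(key, "") + value
        self.total += len(value)
        if len(merged) > MAX_FIELD_CHARS or self.total > MAX_TOTAL_CHARS:
            raise OversizedMetadata(f"{key}: {len(merged)} chars, {self.total} total")
        self.fields[key] = merged

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "title":
            self._in_title = True
        elif tag == "meta":
            key = attrs.get("property") or attrs.get("name")
            if key:
                self._store(key.lower(), attrs.get("content") or "")

    def handle_endtag(self, tag):
        self._in_title = self._in_title and tag != "title"

    def handle_data(self, data):
        if self._in_title:
            self._store("title", data)

def preview_metadata(html_text):
    """Return (fields, None) for a safe page, or (None, reason) to skip the preview."""
    parser = _MetaParser()
    try:
        parser.feed(html_text[:MAX_DOC_CHARS])
    except OversizedMetadata as exc:
        return None, str(exc)
    return parser.fields, None

# Constructed samples for illustration (not the real chaiOS page).
BENIGN = '<html><head><title>Hello</title><meta property="og:title" content="Hi"></head></html>'
PADDED = '<html><head><title>x</title><meta name="description" content="' + "A" * 200_000 + '"></head></html>'
```

A caller that gets `(None, reason)` should show the bare URL instead of a rich preview and can log the reason for triage.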
Spread and Impact
Masri published a link to a proof-of-concept exploit on his Twitter account, and the exploit was quickly removed from GitHub due to concerns about abuse. However, users managed to download the exploit and re-upload it to private servers, making it difficult to remove completely. As a result, many Apple device owners may become targets of pranksters in the coming days.
Apple representatives have promised to release a fix the following week. For those who have already fallen victim to this attack, it is recommended to clear the conversation history with the sender (this method only works if the malicious message is deleted quickly enough, before the app freezes), reset the device to factory settings, or wait for the official patch.
Video Demonstration
The video below demonstrates the chaiOS attack in action.