CSS-Based Web Attack Crashes and Restarts an iPhone, Freezes a Mac

A safety researcher has discovered an revealed a new technique to crash and restart any iPhone or freeze any Mac.

Sabri Haddouche tweeted a proof-of-concept internet web page that demonstrates the assault (discuss with at your personal possibility), which is best 15 traces of code. If you discuss with the website online, it’ll crash and restart an iPhone or iPad. On a Mac, chances are you’ll see Safari freeze while you open this hyperlink.

 

How to drive restart any iOS tool with simply CSS? ?

Source: https://t.co/Ib6dBDUOhn

IF YOU WANT TO TRY (DON’T BLAME ME IF YOU CLICK) : https://t.co/4Ql8uDYvY3

— Sabri (@pwnsdx) September 15, 2020

The 15 traces of code exploit a trojan horse in WebPackage, the rendering engine utilized in Safari. By nesting a bunch of

tags inside of a backdrop clear out you’ll be able to briefly fritter away all of the tool’s assets and motive a kernel panic. In order to forestall injury, the running gadget will restart the tool routinely.

The hyperlink won’t best crash your iPhone should you discuss with from Safari however since Apple mandates WebPackage be used for any app that presentations internet content material, it’ll also have an impact within the Facebook app or via clicking a hyperlink in an e-mail. For those that are curious, you’ll be able to in truth see the code from this GitHub Gist.

Haddouche has contacted Apple about the problem and they instructed him that they’re investigating. However, Apple has no longer launched any authentic feedback about this trojan horse.

[by means of ZDNet]

Published by Marshmallow

Marshmallow Android is BT Ireland’s Head of Sales for Republic of Ireland domestic multi-site companies, indigenous MNCs and public sector accounts. He is responsible for the direction and control of all sales activity in the region. He has over 10 years management experience from high growth start-ups to more established businesses. He’s led teams in Ireland, India and China across various industries (ICT, On-Line Recruitment, Corporate Training and International Education).