January 27, 2016

Beware! Your Android and iPhone Can be Crashed in Just a Click Away and Here’s How

Be cautious where you tap while browsing the social media sites or else you may suffer a lot worse than rickrolling. Some of the trolls and pranksters on the social network are passing around a link which is often concealed with URL shorteners to the iPhone and Android mobiles. These prankish Twitter users are directing the iPhone and Android users to a prank website that causes iPhone to reboot and Android smartphones to hang. The link which is being circulated in the social media by the trolls is “crashsafari.com” and “crashandroid.com” (Don’t click!).

This is a website which was created in 2015 that immediately crashes Android smartphones, Apple devices like iPhones and iPads and can hang up the computers. However, some trolls have raised the stake and are obscuring crashsafari.com, crashandroid.com using link shortener services like Bit.ly making it rather tough for the iPhone and Android users to detect the buggy link.

Impact of the Hack

Crashsafari seems to run javascript code that overloads the victim’s address bar with an infinite series of numbers. Mikko Hypponen, the chief research officer at security firm F-Secure, says that the website, crashsafari.com and an identical site at crashchrome.com actually utilize browsers’ history feature in order to kill them on command. “The problem is that it creates thousands of history entries,” indicating a thread in a Chrome developer’s forum where the bug was reported in 2014. “It takes longer to maintain the list than it takes new entries to come in. It becomes too much, and it tanks.”

Crashsafari

Crashsafari was actually created by Matthew Bryant, a 22-year-old working in application security in San Francisco. He had created this website in order to test how browsers will manipulate odd code that gets tossed at them. He tried to run on the bug autonomously and made the browser and phone-crashing sites. Some prank Twitter users immediately began trolling their colleagues and strangers with the trick.

Don’t click on ‘crashsafari.com’ or ‘crashandroid.com’, it will crash your iPhone and Android smartphone.

However, it is not a critical bug that could harm your iPhone or Android smartphone. Even if you have clicked that particular URL, your iPhone or Android phone doesn’t crash but it just creates thousands of history entries. Actually, the link is just an ordinary web page comprising components which are used maliciously to overload just about any browser.

Is this a Serious Attack?

Apart from provoking fear in maniac iOS and Android users, no harm was done. The victims need not worry and can relax assured that the bug is only a trivial “denial of service” attack, not a crash that can be used to run commands on their machines. Some of you (including me) might experience their phone and computer crashing frequently as Safari reloads and then tries to visit the same URL again.

The website, crashsafari.com adds numbers to the address bar as quick as it can like crashsafari.com/0, then /01, then /012, /0123, and eventually /0123456789101112131415… and so on. Each time it adds a number, that web page is saved to your browser history. It then adds up quick letting the iPhone/Android device to manage such an enormous request and ultimately crashes. Check out the below image:

Malicious Hack

How to Overcome this Hack?

Android devices and other iOS products encounter similar issues. If you click the link or URL on Android phone, it starts heating up after about 20 seconds and has problems performing necessary commands. You can overcome this problem just by quitting your Google Chrome browser. But in many situations, a full reboot is the most powerful way to deal with the bug.

It is suggested that you can put your phone in AIRPLANE mode to stop the continuous cycle of adding more entries to the browser history. Despite the link seems to be growing in demand, a WhoIs search shows that the website was registered on April 29, 2015.

While many reports infer that the website is only crashing devices like iPhones and iPad. Some other independent sources intimate that the bug can crash even Google Chrome in PCs and Android smartphones.You could do well to avoid tapping on any shortened links or URLs for a whilst till Apple and Google bring out a new patch the bug.

About the author 

Imran Uddin


{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}