A handful of Apple developers have found their iMessage accounts the victim of what’s being loosely referred to as a series of denial-of-service attacks. Using rapid-fire AppleScript texts, attackers have been sending many messages at a time to about half a dozen iOS developers over the last week.
The attacks, which are really more distracting than anything else, were described in detail by Matthew Panzarino, a Managing Editor at TheNextWeb, on Friday.
Since we’re talking about thousands upon thousands of messages, they can quickly overwhelm the iMessage app, forcing the app to freeze. The attackers are also sending “large Unicode text blocks” – that can’t be read by iMessage – to developers that forces the app on iOS to close and stop it from re-opening.
“What’s happening is a simple flood: Apple doesn’t seem to limit how fast messages can be sent, so the attacker is able to send thousands of messages very quickly,” Grant Paul, an iOS developer told TNW.
According to developers, the emails have been traced back to a slew of throwaway email accounts, which Apple can in turn block, but at that point the attacker could merely start sending the messages through another email account.
While officials from Apple failed to respond to an email request for comment at the time of publication, it appears an update for iMessage, perhaps one in which users can block certain messages from certain users or one where Apple can implement some sort of detection service for its instant messenger service is inevitable.