A malicious website that crashes iPhone when link is clicked out

ByNathan Borror

A malicious site that crashes iPhone by simply clicking (tapping) the link destination URL and accessing the siteCrashSafari.comIt is very popular abroad.

Watch out for this new URL that will crash your iPhone and Mac Safari if you click it | 9to5Mac
http://9to5mac.com/2016/01/25/safari-mac-iphone-ipad-crash/

Clickers Beware: 'CrashSafari' Links Will Kill Your iPhone - NBC News
http://www.nbcnews.com/tech/security/clickers-beware-crashsafari-links-will-kill-your-iphone-n503941

CrashSafari.com is a service that freezes the browser Safari of iOS device and forces the terminal to reboot, which is a meaningful service that the name of the site is mischievous purpose mimickingly.

There are so far specific iOS devices such as iPhonesReceive textYaMovie watchingCrashSafari.com did not bug the terminal and software bugs, it adopted a simple mechanism using Javascript, even Android terminal and PC other than the iOS terminal, There is enough danger of freezing.

The mechanism is simple that JavaScript embedded in the header title of CrashSafari.com adds numbers to URLs and reloads them and keeps them in the history.


When you visit CrashSafari.com, the number is added more and more to the end of the URL like this and it is a mechanism to forcibly process it, it is extremely simple that the terminal freezes when it can not tolerate the load.


Since CrashSafari.com already has signs of a worldwide pandemic through smartphone mails and SNS postings, it is safe not to click even if a link URL is found. However, the link URL of CrashSafari.com is not necessarily easy to understand as "crashsafari.com"T.coYaBitlySince URLs are likely to be disguised using shortened URL services such as URLs, it is necessary to be careful not to easily click on short URLs such as Twitter.

Similarly, a site named crashchrome.com has appeared, and there is a possibility that a malicious site adopting the same mechanism will grow in the future.

◆ 2016/01/29 postscript added
I found out that CrashSafari.com was an engineer living in San Francisco.

Hack Brief: Do not Be Trolled by This iPhone-Crashing Link Meme | WIRED
http://www.wired.com/2016/01/hack-brief-dont-be-trolled-by-this-iphone-crashing-link-meme/?mbid=social_twitter

CrashSafari.com was created by Matthew Bryant, a 22-year-old security software engineer, who made it as a joke to kill time and spread it in the form of Twitter's shortened link.

A page that explains the structure of CrashSafari.com also appeared.

Do not share the link that crashes iPhones and Mac browsers - Naked Security
https://nakedsecurity.sophos.com/2016/01/26/dont-share-the-link-that-crashes/

It is said that it adds a character string to the URL, adds it to the history of the browser using the command "history.pushState ()", and uses up the memory.