iPhone Bug Freezes Your Phone With Just One Link -- Security Today

iPhone Bug Freezes Your Phone With Just One Link

The chaiOS bug can freeze or restart your phone without even having to click the link.

By Sydny Shepard
Jan 19, 2018

Imagine receiving a text from someone, you open the thread and see the text is actually a link. Before you even click on the link, your phone freezes up or restarts, throwing you into a panic. Unfortunately, this can happen. It is the exact bug software developer Abraham Masri found in iPhones this past week.

Masri announced the bug, which he aptly named "chaiOS," on his Twitter account and explain that it exploits the fact that iMessages preloads any links to webpages so it can show users a preview of the page. In an interview with Buzzfeed News, Masri explained that he create a webpage hosed on GitHub and stuffed its metadata with hundreds of thousands of unnecessary characters causing your phone to crash when trying to load all of the unexpected information, sometimes taking the entire operating system down with it.

In other news, I found a (small) bug that causes device to freeze, respring, drains battery, and/or sometimes panic.
No need to install anything. Just open, tap then paste. (iOS only).https://t.co/4PxjA6oqiy
thanks to @aaronp613 @garnerlogan65 @lepidusdev @brensalsa for testing
— Abraham Masri (@cheesecakeufo) January 16, 2018

Initially, Masri had posted a link that used the chaiOS in a Tweet on his account, but the page, and a few others that mirror the bug, has since been taken down by the host site. Masri said he isn't going to re-upload the bug, saying he only released it to "get Apple's attention."

No, I'm not going to re-upload it. I made my point. Apple needs to take such bugs more seriously.
— Abraham Masri (@cheesecakeufo) January 17, 2018

Apple has announced they will release a fix for the bug next week.

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

2025 Security LeadHER Conference Program Announced

ASIS International and the Security Industry Association (SIA) – the leading membership associations for the security industry – have announced details for the 2025 Security LeadHER conference, a special event dedicated to advancing, connecting and empowering women in the security profession. The third annual Security LeadHER conference will be held Monday, June 9 – Tuesday, June 10, 2025, at the Detroit Marriott Renaissance Center in Detroit, Michigan. This carefully crafted program represents a comprehensive professional development opportunity for women in security this year. To view the full lineup at this year’s event, please visit securityleadher.org. Read Now
- Industry Events
Report: 82 Percent of Phishing Emails Used AI

KnowBe4, the world-renowned cybersecurity platform that comprehensively addresses human risk management, today launched its Phishing Threat Trend Report, detailing key trends, new data, and threat intelligence insights surrounding phishing threats targeting organizations at the start of 2025. Read Now
- Cybersecurity
NRF Supports Federal Bill to Thwart Retail Crime

The National Retail Federation recently announced its support for the Combating Organized Retail Crime Act of 2025. The act was introduced by Chairman Chuck Grassley, R-Iowa, Senator Catherine Cortez Masto, D-Nev., and Representative Dave Joyce, R-Ohio. Read Now
- Retail Loss Prevention
ISC West 2025 Brings Almost 29,000 Industry Professionals to Las Vegas

ISC West 2025, organized by RX and in collaboration with the Security Industry Association, concluded at the Venetian Expo in Las Vegas last week. The nation’s leading comprehensive and converged security event attracted nearly 29,000 industry professionals and left a lasting impression on the global security community. Over five action-packed days, ISC West welcomed more than 19,000 attendees and featured 750 exhibiting brands. Read Now
- Industry Events
- ISC West
Tradeshow Work Can Be Fun

While at ISC West last week, I ran into numerous friends and associates all of which was a pleasant experience. The first question always seemed to be, “How many does this make for you?” Read Now
- Industry Events
- ISC West

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.

Webinars

Whitepapers

New Products

Automatic Systems V07

Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.
EasyGate SPT SPD

Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.
ComNet CNGE6FX2TX4PoE

The ComNet cost-efficient CNGE6FX2TX4PoE is a six-port switch that offers four Gbps TX ports that support the IEEE802.3at standard and provide up to 30 watts of PoE to PDs. It also has a dedicated FX/TX combination port as well as a single FX SFP to act as an additional port or an uplink port, giving the user additional options in managing network traffic. The CNGE6FX2TX4PoE is designed for use in unconditioned environments and typically used in perimeter surveillance.