Posted by: David Harley | January 28, 2016

Crashing Safari: beware of shortened URLs

Australia’s Stay Smart Online has issued an alert warning of how a Social media prank crashes Apple Safari. The browser freeze is caused by a snippet of looping JavaScript that keeps calling the history.pushState() method in the HTML5 API. The attack – as far as I’m concerned, it’s a Trojan, not a prank, even if its effects are usually inconvenient rather than critical (though they could result in lost data) – does affect other browsers to an extent, but Safari seems to be particularly susceptible (on OS X and on iOS). According to 9To5Mac, it freezes on Macs and may require a system restart to recover, while

“On some iPhones and iPads, the glitch may cause your iOS device to reboot.”

Stay Smart Online observes that:

  1. Current Chrome tabs will stop responding but the web browser will continue to work
  2. Firefox will catch the malicious code and ask if the user wants to stop it executing.
  3. Internet Explorer will temporarily stop working, but resume working after a short time.

The site is helpfully named crashsafari.com, but it appears that ‘trolls’ are directing their victims to it using shortened URLs such as bit.ly, t.co and tinyURL. Yet another reason for not following shortened URLs where you can’t preview the real URL.

David Harley

 

Advertisements

Responses

  1. Reblogged this on Check Chain Mail and Hoaxes and commented:

    Already posted to Mac Virus.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Categories

%d bloggers like this: