Posted by: David Harley | January 28, 2016

Crashing Safari: beware of shortened URLs

Australia’s Stay Smart Online has issued an alert warning of how a Social media prank crashes Apple Safari. The browser freeze is caused by a snippet of looping JavaScript that keeps calling the history.pushState() method in the HTML5 API. The attack – as far as I’m concerned, it’s a Trojan, not a prank, even if its effects are usually inconvenient rather than critical (though they could result in lost data) – does affect other browsers to an extent, but Safari seems to be particularly susceptible (on OS X and on iOS). According to 9To5Mac, it freezes on Macs and may require a system restart to recover, while

“On some iPhones and iPads, the glitch may cause your iOS device to reboot.”

Stay Smart Online observes that:

  1. Current Chrome tabs will stop responding but the web browser will continue to work
  2. Firefox will catch the malicious code and ask if the user wants to stop it executing.
  3. Internet Explorer will temporarily stop working, but resume working after a short time.

The site is helpfully named, but it appears that ‘trolls’ are directing their victims to it using shortened URLs such as, and tinyURL. Yet another reason for not following shortened URLs where you can’t preview the real URL.

David Harley



  1. Reblogged this on Check Chain Mail and Hoaxes and commented:

    Already posted to Mac Virus.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.


%d bloggers like this: