Site CrashSafari.com sends iPhones to reboot

Warning: do not enter this site without preparation.

In the past couple of days , a link to CrashSafari.com, which hangs Safari browser and sends the iPhone to reboot, has started to spread on social networks. This does not limit its malicious action: an attempt to open a website on a desktop can also lead to a system hangup, for example, in the Chrome browser under Windows 7.

The same browser reboot technique is available on CrashChrome.com. In this case, the Chrome browser under Windows, Mac, iOS and Android is vulnerable.

It is especially dangerous that on Twitter and other social networks you can post a shortened link on CrashSafari.com, skipped through a link shortening such as Bit.ly.
')

CrashSafari.com sends an endless string of characters to the browser address bar, causing a memory leak problem. IOS devices go into reboot in 15-20 seconds.

There is an identical site CrashChrome.com. In discussing the problem on the Chrome developer forum, renowned expert Mikko Hypponen from F-Secure explained that crashsafari.com and crashchrome.com actually exploit the function of accessing the history of visited pages history.pushState() .

 for(var i = 0; i<1000000; i++){ history.pushState(null,'',''); } 

crash.html

The bug is effective, including on the latest versions of iOS, as well as in Chrome and Firefox browsers.

In fact, the site has been working for about a year, but just last week the link began to actively spread various jokers on social networks. So be careful!


According to Wired , the site CrashSafari.com launched a 22-year-old security specialist Matthew Bryant from San Francisco, purely as a joke.

Apple is aware of the problem and is actively working on the patch.