Detected “factories” of special “text bombs” for WhatsApp
Perhaps almost every modern smartphone user has met in person or at least heard about mysterious messages that can reboot the gadget or “crash” the messenger. As a rule, such “text bombs” are designed for the iPhone and the most popular service for communication on it – WhatsApp, but there are options for other programs or platforms. Recently, journalists have found real centers for the production of such “weapons”. The problem of “text bombs” for several years, but the developers of WhatsApp still can not eradicate the reasons for which such messages are effective. It is rather difficult to characterize them in one word: almost always it is a set of meaningless characters from specific alphabets, processing which the software for some reason encounters a critical error. This causes either the messenger itself to crash or a reboot of the device – sometimes cyclic.
In addition to WhatsApp exposure to “scary messages”, as they are called specialists portal WABetainfo, studying the phenomenon for a long time, are subject to other applications for communication, but to a lesser extent: and developers are removing critical vulnerabilities, and reinstall the program when storing the history of messages online is not so terrible. But for users of the most popular messenger in the world, owned by Facebook Inc., “text bombs” are very dangerous. In some cases, such a “scary” message forces the application to reinstall completely – as long as the dangerous text is in the cache and every time the messenger tries to draw it, it will always end with the “crash” of the program. Considering that WhatsApp stores the history of correspondence locally, its deletion and reinstallation may deprive the user not only of hundreds of pictures and an archive of simple chatter but also of many really important messages, contacts, and files.
As WABetainfo employees have found out, “text bombs” naturally do not arise by themselves. Most of them appear in specialized communities, mainly in Brazil. Attackers (or maybe, of course, just very angry jokers, but in this context it does not matter anymore) purposefully looking for such combinations of symbols, which “crush” the WhatsApp client on a particular platform: iOS or Android. The last “squeak of fashion” of these “text terrorists” – contact cards (vcard), containing sometimes several hundreds of records, each of which has all chances to break the messenger. The irony of the situation is that the creators of such “bombs” also use WhatsApp, but modified clients. In other words, there are no serious technological barriers to eliminate this way of attacking users – just add extended support for UNICODE and slightly change the algorithms of text display. All the more so because the messenger’s “custom” clients are made by enthusiasts who do not have such resources as Facebook Inc. Unfortunately, it is even more unsafe to switch to such alternative clients in bulk – third-party developers do not fully support the service’s encryption. As long as the creators of WhatsApp are not in a hurry to eliminate such a critical drawback of their service, there are not many options for devoted users (if not to switch to competitors, of course). First, you need to make a regular backup of all correspondence using the built-in tool. This will save at least the data archive, and in case of impossibility to start the application only the newest messages will be normally lost.
And secondly, WABetainfo recommends connecting the web version of the client, so that when you receive a “text bomb” you can delete dangerous text and block the sender. In addition, when you receive a strange-looking message, it is by no means recommended to send it to anyone – even if in your case nothing terrible has happened, the software may react unpredictably on the smartphone of the conversation partner. One of the most famous “text bombs” was the text consisting of an emodsy of the Italian flag and several symbols of the Sindhi language. Such a message sent to the iPhone via any messenger restarted the smartphone. The problem was an algorithm for processing some unique characters with a pop-up interface and fortunately, it was fixed rather quickly.