
How to remove iMessage from Mac OS X and iOS

Learn how to prevent attackers from hacking your iPhone or MacBook over iMessage and remove the virus if the breach has already taken place.

There has been a great deal of fuss around a new iOS and OS X infection vector over the past few months. In a nutshell, any iPhone, iPad or Apple Watch device running an iOS version earlier than 9.3.3 is exposed to behind-the-scenes hacking via iMessage. The same applies to MacBooks with an OS X build earlier than El Capitan 10.11.6, so the attack surface is potentially huge. The perpetrators exploit a security flaw in Apple’s Image I/O API to deploy the compromise in the background. This vulnerability, catalogued as CVE-2016-4631, enables the malefactors to use a malicious TIFF (Tagged Image File Format) file to cause a buffer overflow. This, in turn, makes it possible to circumvent Apple’s defenses and execute their code on the device in a stealthy fashion.

iMessage virus can grant an attacker full control of an Apple device

So, what type of activity should you look out for? The medium for these breaches is an incoming message with a .tif image file in it. It’s not only iMessage that relies on the vulnerable Image I/O API to render graphics: the same applies to MMS, Mail and Safari. The iMessage route, though, poses a particularly harmful scenario because it may not require a would-be victim to actually open the rogue message; the exploitation might well take place without any direct action on the user’s end. That’s the way this app is configured by default. Another way to perform this attack is a social engineering trick involving phishing links sent over email, where the user is duped into downloading a malicious payload on the linked-to landing page.

One way or another, a remote hacker can obtain control of the device. These privileges suffice for stealing login and password data and accessing the victim’s personal files such as images, videos and contacts. Furthermore, by getting hold of the user’s Apple ID the adversary can log into their iCloud account and leverage the “Find My iPhone” feature to lock the device and then demand a ransom to unlock it, as in the notorious hack. Ultimately, this compromise can cause serious issues, so anyone infected shouldn’t delay troubleshooting. For a start, it’s recommended to upgrade iOS or OS X to the latest version, where the API vulnerability is patched. Also, be sure to follow safe online practices to avoid the iMessage virus. See the sections below for more information.
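To find which devices still need the upgrade recommended above, this added example (not part of the original article) classifies a device inventory against the fixed versions the article names, iOS 9.3.3 and OS X 10.11.6. The CSV layout, device names and function names are assumptions constructed for illustration.

```python
import csv
import io

# Fixed versions as stated in the article (CVE-2016-4631).
FIXED = {"ios": (9, 3, 3), "os x": (10, 11, 6)}

# Constructed sample inventory, e.g. what an MDM export might look like.
INVENTORY_CSV = """device,platform,version
iphone-01,iOS,9.3.2
iphone-02,iOS,9.3.10
ipad-01,iOS,9.3.3
macbook-01,OS X,10.11
macbook-02,OS X,10.11.6
macbook-03,OS X,10.10.5
kiosk-01,OS X,unknown
tv-01,tvOS,9.2
"""


def parse_version(text):
    """Turn '10.11.6' into (10, 11, 6); pad short forms like '10.11' with zeros."""
    parts = text.strip().split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version: {text!r}")
    nums = [int(p) for p in parts]
    return tuple(nums + [0] * (3 - len(nums)))


def classify(platform, version):
    """Return 'exposed', 'patched', 'unparseable' or 'unknown-platform'."""
    fixed = FIXED.get(platform.strip().lower())
    if fixed is None:
        return "unknown-platform"  # the article only covers iOS and OS X
    try:
        parsed = parse_version(version)
    except ValueError:
        return "unparseable"  # needs a manual check, never assume patched
    # Tuple comparison is numeric, so 9.3.10 correctly sorts after 9.3.3.
    return "exposed" if parsed < fixed else "patched"


def audit(csv_text):
    """Map each device name in the CSV to its classification."""
    rows = csv.DictReader(io.StringIO(csv_text))
    return {r["device"]: classify(r["platform"], r["version"]) for r in rows}


if __name__ == "__main__":
    for device, status in audit(INVENTORY_CSV).items():
        print(f"{device:12} {status}")
```

Comparing the version strings as text would wrongly report 9.3.10 as older than 9.3.3, which is why the versions are parsed into integer tuples first.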

Use security software to prevent iPhone hacking via iMessage

Infections like the iMessage virus can obtain your sensitive credentials through unprotected connections. Logging into public Wi-Fi networks and visiting compromised sites can get the gadget exposed to malware and man-in-the-middle attacks. It’s therefore strongly recommended to use automatic protection during web surfing.

1. Download and install SurfEasy VPN (read review). This app accommodates Wi-Fi security as well as privacy and identity protection features.


2. Make sure SurfEasy Protection is turned on throughout Internet browsing sessions. The application will encrypt all traffic, prevent ad tracking, anonymize online activities and secure the iOS device when it’s connected to Wi-Fi hotspots.



iMessage virus automatic removal for Mac OS X

1. Download and install the MacKeeper application (read review). In addition to security features, this tool provides a vast arsenal of Mac optimization capabilities.


2. Get your Mac checked for malicious software by going to System Scan and starting the scan procedure.


3. When the app comes up with a list of detected security issues, get those fixed by clicking the respective button. The iMessage virus should now be completely gone.