Learn how to prevent attackers from hacking your iPhone or MacBook over iMessage and remove the virus if the breach has already taken place.
There has been a great deal of fuss around a new iOS and OS X infection vector over the past few months. In a nutshell, any iPhone, iPad or Apple Watch device running an iOS version earlier than 9.3.3 is exposed to behind-the-scenes hacking via iMessage. The same applies to MacBooks with an OS X build earlier than El Capitan 10.11.6. So the attack surface is potentially huge. The perpetrators exploit a security flaw in Apple’s Image I/O API to deploy the compromise in the background. This vulnerability, catalogued as CVE-2016-4631, enables the malefactors to use a maliciously crafted TIFF (Tagged Image File Format) file in order to cause a buffer overflow. This, in turn, makes it possible to circumvent Apple’s defenses and execute their code on the device in a stealthy fashion.
So, what type of activity should you look out for? The medium for these breaches is an incoming message with a .tif image file in it. By the way, it’s not only iMessage that relies on the vulnerable Image I/O API to render graphics. This characteristic also applies to MMS, Mail and Safari. The iMessage contamination route, though, poses a particularly harmful scenario because it may not necessarily require a would-be victim to actually open the rogue message – instead, the exploitation might well take place without any direct action on the user’s end. That’s the way this app is configured by default. Yet another social engineering trick to perform this attack involves phishing links sent over email, where the user is duped into downloading a malicious payload on the linked-to landing page.
One way or another, a remote hacker can obtain control of the device. These privileges suffice for stealing login and password data and accessing the victim’s personal files such as images, videos and contacts. Furthermore, by getting hold of the user’s Apple ID, the adversary can log into their iCloud account and leverage the “Find My iPhone” feature to lock the device and then demand a ransom to unlock it, as in the notorious firstname.lastname@example.org hack. Ultimately, this compromise can cause serious issues, so anyone infected shouldn’t put off troubleshooting. For a start, it’s recommended to upgrade iOS or OS X to the latest version, where the API vulnerability is patched. Also, be sure to follow safe online practices to avoid the iMessage virus. See the sections below for more information.
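For anyone looking after more than one device, the version thresholds above can be applied to a whole device list. The following Python sketch is an added example, not part of the original article; the inventory and device names are constructed, and the patched versions (iOS 9.3.3, OS X 10.11.6) are the ones stated in the text.

```python
# Added example: flag devices still exposed to CVE-2016-4631 by OS version.
# Thresholds come from the article; the inventory below is constructed.
import re

# First patched release per platform, as given in the text above.
PATCHED = {
    "ios": (9, 3, 3),
    "osx": (10, 11, 6),
}


def parse_version(text):
    """Turn '9.3.2' or '10.11' into a 3-tuple of ints; None if malformed."""
    text = text.strip()
    if not re.fullmatch(r"\d+(\.\d+){0,2}", text):
        return None
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (3 - len(parts)))


def assess(platform, version_text):
    """Return 'exposed', 'patched' or 'unknown' for one device record."""
    fixed = PATCHED.get(platform.lower())
    version = parse_version(version_text)
    if fixed is None or version is None:
        return "unknown"  # unlisted platform or unreadable version: check by hand
    # Tuple comparison is numeric per component, so 9.3.10 sorts after 9.3.3
    # (a plain string comparison would get that wrong).
    return "exposed" if version < fixed else "patched"


def audit(inventory):
    """Map device name -> status for an iterable of (name, platform, version)."""
    return {name: assess(platform, version) for name, platform, version in inventory}


# Constructed sample inventory (hypothetical device names).
SAMPLE_INVENTORY = [
    ("alice-iphone", "iOS", "9.3.2"),
    ("bob-ipad", "iOS", "9.3.3"),
    ("carol-macbook", "OSX", "10.11.5"),
    ("dave-macbook", "OSX", "10.11.6"),
    ("erin-iphone", "iOS", "10.0"),
    ("lab-device", "iOS", "9.3.x"),
]

if __name__ == "__main__":
    for device, status in audit(SAMPLE_INVENTORY).items():
        print(f"{device:15} {status}")
```

Devices reported as "unknown" have a platform or version string the check cannot interpret and need a manual look rather than being assumed safe.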
Use security software to prevent iPhone hacking via iMessage
Infections like the iMessage virus can obtain your sensitive credentials through unprotected connections. Logging into public Wi-Fi networks and visiting compromised sites can get the gadget exposed to malware and man-in-the-middle attacks. It’s therefore strongly recommended to use automatic protection during web surfing.
1. Download and install SurfEasy VPN. This app accommodates Wi-Fi security as well as privacy and identity protection features.
2. Make sure SurfEasy Protection is turned on throughout Internet browsing sessions. The application will encrypt all traffic, prevent ad tracking, anonymize online activities and secure the iOS device when it’s connected to Wi-Fi hotspots.
Get rid of iMessage virus using Freshmac automatic removal tool
When confronted with malicious code like the iMessage virus tech support scam on Mac, you can neutralize its toxic impact by leveraging a specially crafted system utility. The Freshmac application is a perfect match for this purpose as it delivers essential security features along with must-have modules for Mac optimization.
This tool cleans unneeded applications and persistent malware in one click. It also protects your privacy by eliminating tracking cookies, frees up disk space, and manages startup apps to decrease boot time. On top of that, it boasts 24/7 tech support. The following steps will walk you through automatic removal of the iMessage virus infection.
1. Download the Freshmac installer onto your machine. Double-click the Freshmac.pkg file to trigger the installer window, select the destination disk and click Continue. The system will display a dialog asking for your password to authorize the setup. Type the password and click Install Software.
2. Once the installation has been completed, Freshmac will automatically start a scan consisting of 5 steps. It scans cache, logs, unused languages, trash, and checks the Mac for privacy issues.
3. The scan report will then display your current system health status and the number of issues detected for each of the above categories. Click the Fix Safely button to remove junk files and address privacy issues spotted during the scan.
4. Check whether the iMessage virus has been fixed. If the lock screen is still there, go to the Uninstaller option in the Freshmac GUI. Locate an entry that appears suspicious, select it and click the Fix Safely button to force-uninstall the unwanted application.
5. Go to the Temp and Startup Apps panes on the interface and have all redundant or suspicious items eliminated as well. The iMessage virus fraud shouldn’t be causing any further trouble.