Malicious Website Crashes Smartphones, Slows PCs

John Lister's picture

Computer and mobile device owners have been warned to carefully review links before clicking on them, after the creation of a website that can either slow down or crash smart phones completely. The site in question uses a simple but effective technique to cause the problem.

The site's web address is simply the words "crash" and "safari" next to one another (with no space in between), and is a "dot com" domain name. Trouble-makers online have been spreading links to the problematic site through email and social media.

It's worth checking links carefully, as they may appear to be a valid web address but actually lead to a malicious site. In many browsers, hovering over the link with the mouse will reveal the destination at the bottom of the browser screen. With most mobile device browsers, you can check the destination of a link by holding down your finger on the link until a menu of options pops up, rather than simply tapping the link to follow it.

Prank is a Simple Numbers Game

The good news is that the site doesn't pose any security risks. The bad news is that it is deliberately set up to cause problems for mobile devices, in particular.

The exploit works by using around a dozen lines of text, which perform a simple function. They tell the browser to visit a page on the site called 1, then one called 12, then one called 123 and so on. Not only do such pages not exist, but eventually the resulting URL is so long that it causes the browser to get stuck in a seemingly endless loop trying to process it. (Source: theguardian.com)

Another theory is that the string of bogus pages creates thousands of entries in the browser history, eventually adding them faster than the browser can cope. In either case, it's effectively a small scale version of the "denial of service" attack that is often unleashed to put major websites out of action. (Source: wired.com)

No Security Threats

With personal computers, getting out of the problem is a little easier. If anything, the script would cause most major browsers to lock up completely and use most (if not all) available memory. However, it is usually possible to close the browser through the Windows Task Manager by pressing CTRL + ALT + DEL, then selecting the browser process in the Task Manager list, then pressing DEL on the keyboard to end the task.

With phones and tablets, killing the task is more of a problem. When users visit the site, it can cause the device to run at full capacity continuously and either crash the system completely, requiring a hard reset (physically switching off), or cause the system to overheat, which would effectively cause the processor to pause indefinitely. That's because most smart phones and tablets use slower processors (compared to desktop computers), which makes the exploit particularly likely to cause a crash. In addition, background tasks of this nature on smartphones and tablets usually go undetected.

Mobile users should pay particular attention to links from URL shorteners which may disguise their true destination. Several sites such as checkshorturl.com let you cut and paste such "short links" to see exactly where they point.
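The two link checks described in this article (comparing what a link displays with where it really goes, and spotting shortened links) can be automated. The following is an added example, not code from the article or from the site it describes; the shortener list, the blocklist and its placeholder hostname `blocked.example`, and the sample message are all constructed for illustration.

```javascript
// Added example: flag links whose visible text and real destination disagree.
// SHORTENERS and BLOCKLIST are constructed sample lists, not from the article.
const SHORTENERS = new Set(["bit.ly", "tinyurl.com", "t.co", "goo.gl"]);
const BLOCKLIST = new Set(["blocked.example"]); // placeholder hostname

// Return the lowercase hostname (without a leading "www.") or null.
function hostOf(text) {
  const candidate = /^[a-z][a-z0-9+.-]*:\/\//i.test(text) ? text : "http://" + text;
  try {
    return new URL(candidate).hostname.toLowerCase().replace(/^www\./, "");
  } catch {
    return null;
  }
}

// Does the visible link text itself look like a web address?
function looksLikeUrl(text) {
  return /^(https?:\/\/)?([a-z0-9-]+\.)+[a-z]{2,}(\/\S*)?$/i.test(text.trim());
}

// Extract <a href="...">text</a> pairs and report why each deserves a second look.
function auditLinks(html) {
  const anchor = /<a\s[^>]*href\s*=\s*["']([^"']+)["'][^>]*>([\s\S]*?)<\/a>/gi;
  const findings = [];
  for (const [, href, inner] of html.matchAll(anchor)) {
    const text = inner.replace(/<[^>]+>/g, "").trim();
    const dest = hostOf(href);
    const reasons = [];
    if (dest === null) reasons.push("unparseable-destination");
    else {
      if (BLOCKLIST.has(dest)) reasons.push("blocklisted-host");
      if (SHORTENERS.has(dest)) reasons.push("shortener-hides-destination");
      if (looksLikeUrl(text) && hostOf(text) !== dest) reasons.push("text-host-mismatch");
    }
    findings.push({ text, dest, reasons });
  }
  return findings;
}

// Constructed sample message body.
const SAMPLE = `
<p>See <a href="http://blocked.example/">www.example.org/photos</a>,
<a href="https://bit.ly/abc123">this video</a> and
<a href="https://www.example.org/news">example.org/news</a>.</p>`;

console.log(auditLinks(SAMPLE));
```

A shortener finding only means the real destination is hidden; the link still has to be expanded before its target can be judged.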

As a general rule of thumb: if you did not specifically request a message and URL from someone (even if it's supposedly coming from a friend) - don't click it, and you should be relatively safe.

What's Your Opinion?

Have you been affected by this prank? Do you normally verify links before clicking on them? Should browser makers put effort into fixing this simple 'bug' or concentrate on more complicated loopholes that could risk security?


Comments

dbrumley3077's picture

I've had a problem lately with Firefox failing to respond after going to Amazon's website. I will get a pop-up window saying a "script on this page is either busy or not responding". There is a checkbox marked "don't ask again". There are 3 buttons marked "stop script" "ignore error" and "debug script". I've tried using the stop script button, which closes the window, but the browser slows down and the window re-appears. The ignore error button does the same thing. The debug script button opens a window below the browser's sight window with what looks like html, but I can't make heads or tails of that. I usually go to Amazon using a linked button on Firefox's bookmarks toolbar, so I'm not using a link from an email or some such. If I use Google Chrome, I don't have a problem, AFAIK. I thought perhaps it was an add-on or extension causing this, but I haven't added any new ones lately. Any ideas? Thanks for the excellent newsletter.

Dennis Faas's picture

This question is somewhat related to the article, so I'll answer - note that I will not answer completely unrelated questions (please email me instead). As for the issue: try disabling all your extensions in Firefox, restart Firefox, then try again. If that doesn't work, try refreshing Firefox. If that doesn't work, try uninstalling Firefox, then reinstall the latest version and try again. If that doesn't work, try installing the latest Java from java.com and try again.

Doccus's picture

On Chrome on my history pages I've noticed thousands of pages all with the same time in my eBay search and also, I believe, my Google searches. There's no Mac malware currently in the wild doing this - that I know of. Of course Apple's refusal to offer security updates for 3 year or older OS's doesn't help - nor does Google's refusal for anything 2 years or older with Chrome browser... Can a website like eBay itself be faulty in this regard? Or is it simply Google and Apple's blackmail of "either you use the very newest or your computer gets infected and infects the web.."

phamilton2's picture

Would it be possible to shortcut this problem by adding the URL to your HOSTS file and link it to 127.0.0.1 (localhost)? Wouldn't help a smart phone, but it might help a PC.