Another Unicode attack is once again messing up the messaging platform. This time the victim is the Apple’s Messages app hit by a bug called “Black Dot”. All iPhone & iPad running iOS 11.3 and 11.4 beta versions will be affected and seems that Apple Watch and Apple TV will also be affected soon. Since the MacOS comes with the greater resources, so when the Message app has the message thread, it could give you the ability to delete it before the app gets unresponsive.
Users can easily send you an iMessage (not SMS) with a lot of invisible Unicode characters. When your device reads the message, it will eat up the massive amount of memory and CPU for processing all of it. Messages will then lock up, and although you can close the app, the message app will crash again as soon as you re-open it.
What is the ‘Black Dot’ bug?
It’s a similar Unicode bug recently spreading in WhatsApp with the emojis <⚫️>and a warning says “don’t touch the black dot”. If you touch it, then the hidden Unicode will be expanded and crash the app. The current ‘Black Dot’ bug on iOS operates a little differently, but it still comes with the same symbol.
What to do if you get hit:
If you receive a “Black Dot” message and it locks up Messages on your iOS device, there are a few workarounds that you should do to regain control. They all have the same goal: turn the message off so that it’s not rendered when reopening the Message app, delete the message conversation so that it cannot crash when scrolling back and the message can display again. Here are the methods you can try:
- Force-quit the Messages app by double- pressing the Home button and swipe it up
- Send a message to the person who sent the Black Dot by using Siri. However, make sure that you send multiple messages or a long enough message to knock theirs off the screen.
- If your device supports 3D-Touch, then simply 3D touch on Messages and then choose New Message. Continue to hit Cancel at the top-right corner of the new message to return to the conversations list.
- Delete the conversation containing the Black Dot attack.
If you have synced to your iCloud account on other devices, then you can open Messages on it to the conversations list, without the need of opening the Black Dot message, and all you need is simply deleting the conversation in the list.
Although the bug is serious, it has not widespread yet. The <⚫️>message isn’t the payload, but it’s rather a secret string of invisible Unicode characters. So it’s difficult to spread since it has recently appeared. For now, we can probably wait for a fix soon. That can be the next iOS 11.3.2 update, or the fix includes in the final iOS 11.4 version, which is nearing the end of its beta test.