A major security flaw was recently discovered in iMessage service, where a simple message could get your Mac or iPhone hacked. While Apple fixed the issue with the iOS 9.9.3 update, there seems to be yet another flaw which Apple was unaware of. Some Apple users on Twitter are claiming that they are suffering from hacked iMessage account where they received texts in Chinese language from unknown numbers. Also Read - Apple AR headset to launch in late 2022 with mac-level computing power: KuoAlso Read - Xiaomi India could soon start a repair program similar to Apple's Self Service Repair program
A Mashable employee was the first one to report about the issue. After waking up on Wednesday morning, she saw a message from foreign number on her computer’s iMessage account. It had characters written in Chinese language. Shortly after that, she also received a popup notification saying that her Apple ID and phone number was being used on another device. The popup did not offer any option other than to click OK. Soon after that, she was flooded by SMS messages and Chinese iMessage. After quickly changing the password and security questions of the account, she contacted Apple Support only to learn that a lot of users had been reporting about the same issue. Also Read - Apple starts sending alerts to users impacted by Pegasus spyware
From what it looks like, the hack attempts to steal personal information. While Apple hasn t commented on it yet, the Apple support representative told the Mashable employee that the hack is new and Apple developers are working to patch it. Also, it is currently impossible to say if one s personal information was stolen or not.
If we look at Twitter, a lot of users have been reporting about the issue. It s not just today or this week, but some users have been reporting about the issue since September. Some of them have also posted screenshots of the hack. A basic translation from Chinese to English reveals that the messages contain spam about casinos in Macau. A London-based Twitter user told the publication that after enabling the 2FA, the annoying messages have stopped. ALSO READ: Edward Snowden shows how to keep your smartphone from spying on you
So at 4am this morning my apple account was hacked my some kind of Chinese malware hack It sent a load of iMessages pic.twitter.com/ks8IPHhDQ7
Archie Alpha (@ArchieAlpha) October 17, 2016
John Munn (@john_munn) October 11, 2016
As of now, there is no information on what the latest iMessage hack is capable of doing. But a similar vulnerability was discovered in July this year that allowed hackers to simply send an iMessage on an OS X or iOS device and gain control of stored passwords or the internal storage of the device. Apple had later released a patch for the same with iOS 9.3.3 update for iPhone and iPads and El Capitan 10.11.6 for Macs.
How to fix iMessage hack that sends Chinese texts
Step 1 Change your Apple ID password: As of now, there is no real fix until Apple patches the iOS vulnerability. However, there is a temporary fix to get started with. To begin with, head over to Settings > iCloud on your iPhone or iPad and tap on your Apple ID. Next, tap on Password & Security and then Change Password. To prove your identity, you will be prompted to enter your iPhone / iPad Passcode. Once that is done, just enter the new password and verify it. Do note: for security purpose, the password needs to be at least eight characters long and must include a letter in upper case, a lower case and a number. ALSO READ: Beware! A single iMessage could get your iPhone, Mac hacked
Step 2 Enable two-factor authentication: Once your Apple ID password is changed, you need to enable two-factor authentication (2FA) which adds an extra layer of security to your account. When this feature is activated, a verification code will be sent to your Apple device to confirm that you are trying to access the account. To enable 2FA, head over to Settings > iCloud > Password & Security > tap on two-factor Authentication and follow the on-screen instructions. ALSO READ: Researchers find another major flaw in Apple iMessage; here s how to be safe
Even if you are not one of the affected users, it would be a good idea to change your password and implement 2FA on your account as it makes it difficult for hackers to gain access to your account.