A new method makes it possible to lock up an iPhone using emoji, and it is being used worldwide.
iOS has had a few bad months as far as security is concerned. It may seem that we are repeating ourselves, but no: we are facing another important bug that got past Apple's programmers.
First there was the possibility of skipping the lock screen; then came a bug that allowed the device to be blocked with a message. And the latest bug, so far, allows the iPhone to be locked up using emoji.
Two emoji that can be fatal
Yes, indeed, two emoji: the white flag and the rainbow. Specifically, there are two methods with which an attacker could lock up your phone or tablet.
The first method is the easiest and affects iOS devices running versions 10.0 through 10.1.1; in other words, it affects those who have not updated the system.
All we have to do to lock the device is send a message to the victim with the white flag emoji, a zero (0), and the rainbow emoji.
As soon as the victim receives the message, their device will crash and restart after a few minutes. This bug is a variation of the one that allowed blocking by sending messages with attachments, discovered last year.
The way to avoid this attack method is to update to iOS 10.2, so it is fairly easy to dodge.
However, the second method still has no solution. To run it, we have to copy all three characters (white flag emoji, 0, and rainbow) many times on a contact card; and when I say many times I mean hundreds and thousands of times.
We just have to send those fake contacts to the victim using the sharing functionality of iCloud (so that our iPhone does not crash). As soon as the victim receives the contacts, their device will be locked, even if they do not open the file manually.
Why it is possible to lock the iPhone using emoji
The exact reason why it is possible to lock the iPhone using emoji is still unknown. One possibility is that iOS is interpreting the characters in a specific way.
You see, on iOS the rainbow flag emoji is actually not a single emoji; internally it is built from three different characters: the white flag, a special character called Variation Selector-16 (VS16), and the rainbow.
VS16 tells iOS that it has to put the two adjacent characters together; so when the system encounters those three characters, it displays the rainbow flag.
It is possible that, due to the way characters are sent, when we send (white flag emoji, 0, and rainbow), the system interprets it as (white flag emoji, VS16, 0, and rainbow). So it tries to match white flag with 0, and that is what hangs the system.
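A defensive check for the sequence described above, as an added example that is not part of the original article: it lists the code points of a piece of text so the invisible VS16 becomes visible, and counts occurrences of the white flag, optional VS16, zero, rainbow run in a message body or contact-card field. The function names and the bulk threshold of 100 are assumptions chosen for illustration.

```python
import re
import unicodedata

WHITE_FLAG = "\U0001F3F3"  # WAVING WHITE FLAG
VS16 = "\uFE0F"            # VARIATION SELECTOR-16 (renders as nothing)
RAINBOW = "\U0001F308"     # RAINBOW

# Both forms mentioned in the article: flag, 0, rainbow and flag, VS16, 0, rainbow.
SEQUENCE = re.compile(f"{WHITE_FLAG}{VS16}?0{RAINBOW}")


def code_points(text):
    """Return (U+XXXX, Unicode name) pairs so hidden characters show up."""
    return [(f"U+{ord(ch):04X}", unicodedata.name(ch, "<unnamed>")) for ch in text]


def count_sequences(text):
    """Number of non-overlapping occurrences of the sequence in text."""
    return len(SEQUENCE.findall(text))


def classify(text, bulk_threshold=100):
    """'clean', 'single' (message-style) or 'bulk' (repeated many times).

    bulk_threshold is an assumed cut-off; the article only says
    'hundreds and thousands of times'.
    """
    hits = count_sequences(text)
    if hits == 0:
        return "clean"
    return "bulk" if hits >= bulk_threshold else "single"


if __name__ == "__main__":
    # Constructed samples, not captured traffic.
    samples = {
        "ordinary text": "Meeting moved to 10:00",
        "single sequence": "hi " + WHITE_FLAG + "0" + RAINBOW,
        "repeated field": (WHITE_FLAG + VS16 + "0" + RAINBOW) * 300,
    }
    for label, text in samples.items():
        print(f"{label}: {classify(text)} ({count_sequences(text)} hits)")
    for cp, name in code_points(WHITE_FLAG + VS16 + "0" + RAINBOW):
        print(cp, name)
```

A mail or messaging gateway could quarantine anything classified as `bulk` and strip the sequence from `single` hits before delivery to devices that have not been updated.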
In short, be careful with the messages that can reach you and the contacts that have your number; and of course, always keep your devices updated, regardless of the operating system you use.