Security researchers have discovered a new CSS attack which causes iOS devices to crash and freezes Mac devices.
The new CSS attack was discovered by Sabri Haddouche, a security researcher at Wire and said that with 15 lines of code he was able to crash and restart any iOS devices and freeze the safari browser in Mac.
The researcher exploited a weakness in the -webkit-backdrop-filter CSS. Attackers use nested divs with that property which will quickly consume all graphics resources and crash or freeze the OS.
The attack affects all browsers in iOS devices and in the case of Mac the attack affects mail and safari. The weakness does not affect Windows and Linux systems.
The attack works when the user visits a webpage containing certain CSS & HTML which will cause the device to use up all resources quickly. Depending on the iOS version it will cause a kernel panic and device reboot or UI restart.
Researcher tested the attack on iOS 12 which caused device reboot, and in iOS 11.4.1 it only caused a UI restart.
In Mac when you visit the web page, it will freeze or slow down your system.
Researcher said he has notified Apple about the issue and as of now, there is no way to prevent this attack.
For more details, you can visit the post published by the researcher on the GitHub page here.
You may be interested in reading:Mac Adware Doctor App Discovered Stealing Sensitive Information of Users