Apple iMessage uses MAC-less encryption with malleable ciphertext. That, however, is not the worst part, and neither are the small 1280-bit RSA keys.
The worst part is that iMessage uses an independent ECDSA signature key, which is not only "independent" due to being a separate/different key from the AES encryption key, but also due to not being involved in the encryption/decryption stage at all!
(source)