Hundreds of millions of iPhones could be hacked using a new tool out in the wild


iPhone hacking techniques have sometimes been described as rare and elusive animals: hackers have used them so stealthily and cautiously against a small number of hand-selected targets that they are rarely seen in the wild. Now the latest wave of espionage and cybercrime campaigns has instead deployed the same phone hijacking tools, embedded in infected websites, to randomly hack phones by the thousands. One new technique in particular, capable of taking over any of hundreds of millions of iOS devices, has appeared on the web in an easily reusable form, putting a large portion of the world's iPhone users at risk.

Researchers at Google and cybersecurity firms iVerify and Lookout on Wednesday jointly revealed the discovery of a sophisticated iPhone hacking technique known as DarkSword that they saw in use on infected websites, capable of instantly and silently compromising iOS devices visiting those sites. Although this technique does not affect the most recently updated versions of iOS, it does work against iOS devices running versions of Apple’s previous operating system, iOS 18, which as of last month still represented nearly a quarter of iPhones, according to Apple’s own statistics.

“A large number of iOS users could have all their personal data stolen just for visiting a popular website,” says Rocky Cole, co-founder and CEO of iVerify. “Hundreds of millions of people still using older Apple devices or older versions of operating systems are still at risk.”

The iPhone hacking campaign that used DarkSword came to light just two weeks after the unveiling of another, more complex and fully featured hacking toolkit known as Corona, which was found in use by what Google describes as a Russian state-sponsored spy group and other hacker groups. Although DarkSword appears to have been created by different developers from Corona, researchers found that it was used by these same Russian spies. Like Corona, it was also embedded in components of legitimate Ukrainian websites, including online news outlets and a government agency website, to collect data from visitors’ phones.

However, says iVerify co-founder and researcher Matthias Frielingsdorf, the hackers who carried out that espionage campaign left the full, unobfuscated DarkSword code (with English-language annotations describing each component and including the tool’s “DarkSword” name) available on those sites for anyone to access and reuse. He says this negligence invites other hacking groups to adopt it and target other iPhone users. “Anyone who manually picks up all the different parts of the vulnerability can put it on their web server and start infecting phones,” says Frielingsdorf. “It’s that simple. Everything is well documented too. It’s really very easy.”

WIRED reached out to Apple for comment on the researchers’ findings, but the company did not provide a comment. Google declined to comment beyond its blog post about its findings on DarkSword.

According to Lookout, DarkSword is designed to steal data from vulnerable iPhones, including passwords and photos; logs from iMessage, WhatsApp, and Telegram; browser history; calendar data and notes; and even data from the Apple Health app. Despite the apparent espionage focus of the hacking campaign, DarkSword also steals users’ cryptocurrency wallet credentials, suggesting that the hackers may have had a side gig in for-profit cybercrime.

Instead of installing spyware that persists on users’ phones, DarkSword uses more covert techniques often seen in “fileless” malware that typically targets Windows devices, hijacking legitimate processes in the iPhone’s operating system to steal data. “Instead of using a spyware payload to compromise the file system — which leaves a lot of easy-to-detect exploit tools — this just uses system processes the way they’re supposed to be used,” says iVerify’s Cole. “It leaves much less trace.”
