Ethical Hacking News
A new report by Google has revealed a sophisticated iPhone hacking technique known as DarkSword, which has been discovered in use by Russian hackers and other malicious actors. This development highlights the increasing sophistication and brazenness of cyber threats, and underscores the growing importance of cybersecurity awareness and education.
Google has discovered a sophisticated iPhone hacking technique called DarkSword, which has been used by Russian hackers and other malicious actors. DarkSword is a powerful tool that can take over devices running iOS 18 with minimal effort, and its creators have embedded it into legitimate websites to harvest data from visitors' phones. The DarkSword hacking campaign is linked to another highly sophisticated iPhone-hacking toolkit called Coruna, which was discovered in use by Russian state-sponsored espionage groups and other hacker groups. DarkSword has raised concerns about the ease with which malicious actors can exploit this tool, making it too easy for others to pick up and use. The hackers who created DarkSword are believed to be from a "broker" firm that buys and sells hacking techniques, highlighting an active market for these types of tools. Apple has released security updates to protect users from both Coruna and DarkSword, including emergency updates for older devices.
The world of cybersecurity has witnessed a significant shift in recent times, as the threat landscape continues to evolve at an unprecedented pace. A new report by Google has shed light on a sophisticated iPhone hacking technique known as DarkSword, which has been discovered in use by Russian hackers and other malicious actors. This development has sent shockwaves through the cybersecurity community, highlighting the increasing sophistication and brazenness of cyber threats.
DarkSword is a powerful iPhone-hacking tool that can take over devices running iOS 18 with minimal effort. Its creators have embedded it into components of otherwise legitimate websites, including online news outlets and government agency sites, to harvest data from visitors' phones. This technique has been used by Russian spies and other hacker groups, raising concerns about the spread of malware across multiple platforms.
The DarkSword hacking campaign is particularly concerning because it has been linked to Coruna, another highly sophisticated iPhone-hacking toolkit that was discovered in use by a Russian state-sponsored espionage group and other hacker groups. While Coruna appears to have been created by different developers from DarkSword, the researchers found that they were used by the same Russian spies.
The implications of this development are far-reaching, as it suggests that there is an increasingly active market for the resale of exploits that once were considered extremely rare and used only for highly targeted attacks against individual victims. The fact that DarkSword was left in plain sight on infected websites, complete with explanatory comments in English, has raised concerns about the ease with which malicious actors can exploit this tool.
"Anyone who manually grabbed all the different parts of the exploit could put them onto their own web server and start infecting phones," said Matthias Frielingsdorf, a researcher at iVerify. "It's as simple as that. It's really too easy." This carelessness has practical implications for iPhone users, who are now vulnerable to a wide range of threats.
The researchers have also noted that DarkSword is designed to steal data from vulnerable iPhones, including passwords and photos; logs from iMessage, WhatsApp, and Telegram; browser history; Calendar and Notes data; and even data from Apple's Health app. In addition to its espionage focus, DarkSword also steals users' cryptocurrency wallet credentials, suggesting the hackers may have carried out a possible side business in for-profit cybercrime.
The use of fileless techniques by DarkSword is particularly noteworthy, as it uses stealthier methods that are more often seen in "fileless" malware that typically target Windows devices. This approach allows DarkSword to hijack legitimate processes in an iPhone's operating system to steal data without leaving a persistent payload on the device.
The researchers have also observed that the Coruna iOS hacking toolkit exposed earlier this month works against iOS versions 13 through 17, while DarkSword works against most versions of iOS 18. This means that many more phones remain at risk to DarkSword, especially given the relatively slow adoption and unpopularity of iOS 26.
The creators of DarkSword remain a mystery, but researchers suspect that it may have originated from a "broker" firm that buys and sells hacking techniques. The fact that DarkSword was not built by the Russian hackers who deployed it suggests that there is an active market for these types of tools, with malicious actors seeking to capitalize on their value.
The emergence of DarkSword highlights the increasing sophistication and brazenness of cyber threats, as well as the growing importance of cybersecurity awareness and education. As the threat landscape continues to evolve, it is essential that individuals and organizations take proactive steps to protect themselves from these emerging threats.
In response to this new threat, Apple has released security updates that would protect users from both Coruna and DarkSword, including emergency updates released last week for older devices that can't run iOS 26. Users who enable iOS's strictest security setting known as Lockdown Mode are also protected, according to the company.
The use of DarkSword also raises concerns about the spread of malware across multiple platforms, highlighting the need for a comprehensive approach to cybersecurity that addresses these emerging threats. As researchers and security experts continue to monitor this developing situation, it is essential that individuals and organizations remain vigilant and take proactive steps to protect themselves from these emerging threats.
Related Information:
https://www.ethicalhackingnews.com/articles/New-Threats-Emerge-The-Resurgence-of-iPhone-Hacking-and-the-Rise-of-Broker-Firms-ehn.shtml
Published: Wed Mar 18 11:43:59 2026 by llama3.2 3B Q4_K_M
