GoKawiilDhruv Bhutani / Android Authority
TL;DR DarkSword, a serious iPhone exploit kit, just leaked on GitHub.
If your device is running iOS 18.4 through 18.7 — or legacy versions 15.8.7 or 16.7.15 — you’re vulnerable.
Contacts, messages, call history, and your iOS keychain (Wi-Fi passwords and secrets) can be fully exfiltrated.
If you have an older iPhone or iPad with an outdated iOS version, check your settings as soon as possible. A serious exploit kit called DarkSword was just released on GitHub, and security experts warn that anyone can use it without special iOS knowledge.
TechCrunch reports that the exploit links weaknesses in WebKit and the iOS sandbox. What started as a complex spyware tool for targeted attacks quickly became something anyone can use with just a few clicks.
Last week, Google’s Threat Intelligence Group, alongside security firms iVerify and Lookout, revealed the existence of DarkSword and its counterpart, Coruna. These advanced hacking tools can fully compromise iPhones, stealing contacts, messages, call history, and even the iOS keychain with Wi-Fi passwords and other secrets.
Don’t want to miss the best from Android Authority? Set us as a favorite source in Google Discover to never miss our latest exclusive reports, expert analysis, and much more.
to never miss our latest exclusive reports, expert analysis, and much more. You can also set us as a preferred source in Google Search by clicking the button below.
Now, a newer version of the exploit has been leaked on GitHub. Matthias Frielingsdorf, co-founder of iVerify, told TechCrunch, “This is bad. They are way too easy to repurpose.”
... continue reading