"The exploit kit, which researchers have named DarkSword, was discovered jointly by cybersecurity firm iVerify, mobile security company Lookout, and Google's Threat Intelligence Group (GTIG). Their coordinated findings, published Wednesday, reveal a powerful iPhone attack framework that has already been deployed by multiple hacking groups across four countries and that remains a live threat to a large portion of iPhone users still running older versions of iOS."
"Unlike the kind of precision hacking seen in targeted espionage operations, where a specific journalist or dissident gets a malicious link sent directly to their phone, DarkSword works as what researchers call a 'watering hole' attack. The hackers compromise websites that their intended victims are already visiting, then sit back and wait for the targets to come to them."
"Visitors to those sites on an unpatched iPhone running iOS 18.4 through 18.6.2 would have had their device silently compromised the moment the page loaded. Once DarkSword lands on a device, it doesn't install itself in the traditional sense. There is no new app, no rogue file quietly copying itself to your storage."
Security researchers from iVerify, Lookout, and Google's Threat Intelligence Group discovered DarkSword, an iPhone exploit framework openly hosted on compromised Ukrainian websites. The toolkit targets iPhones running iOS 18.4 through 18.6.2 through watering hole attacks, compromising legitimate websites that victims visit. Two Ukrainian sites—News of Donbas and the Seventh Administrative Court of Appeals—hosted the attack code. Unlike targeted espionage hacking, DarkSword operates as a mass compromise tool, silently infiltrating devices when users visit infected pages. The exploit framework has already been deployed by multiple hacking groups across four countries and remains an active threat to users running older iOS versions.
Read at TechRepublic
Unable to calculate read time
Collection
[
|
...
]