Malware & Ransomware · HIGH

Malware - DarkSword Exploit Kit Leaked for iPhones

TechCrunch Security
DarkSword · iOS · spyware · Apple · GitHub

Basically, hackers can now easily use a leaked tool to attack old iPhones.

Quick Summary

A new exploit kit called DarkSword has been leaked, enabling hackers to target millions of iPhones. Users running outdated iOS versions are at risk. It's crucial to update your devices immediately to stay secure.

What Happened

Last week, a significant cybersecurity breach occurred when an exploit kit named DarkSword was leaked on GitHub. This advanced hacking tool allows cybercriminals to target iPhone users who have not updated their devices to the latest iOS version. According to researchers, this leak could potentially affect hundreds of millions of iPhones and iPads still running older operating systems.

The leaked version of DarkSword is reportedly easy to use, requiring no advanced technical skills to deploy. Matthias Frielingsdorf, co-founder of mobile security startup iVerify, expressed grave concerns about the implications of this leak, stating, "This is bad. They are way too easy to repurpose." The simplicity of the code means that even individuals without iOS expertise can execute these exploits within hours.

Who's Being Targeted

The primary targets of this exploit kit are users of iPhones and iPads operating on iOS 18 or earlier. Apple’s data indicates that approximately 25% of all active devices are still using these outdated versions. This translates to a vast number of vulnerable devices, potentially affecting over 2.5 billion active Apple devices globally.

Cybersecurity experts warn that the ease of access to the DarkSword exploit could lead to a surge in attacks. The leaked code includes detailed comments on its functionality, making it accessible for anyone looking to exploit the vulnerabilities in older iOS systems. The implications are serious, as attackers can extract sensitive information from compromised devices.

Signs of Infection

Users should be vigilant for signs of infection, which may include unusual behavior on their devices, such as slow performance or unexpected app crashes. The DarkSword exploit can exfiltrate sensitive data, including contacts, messages, and even Wi-Fi passwords, and send it to an attacker-controlled server.

Apple has acknowledged the exploit and previously issued an emergency update for older devices. However, those who have not updated their software remain at risk. Security experts recommend users regularly check for updates and ensure their devices are running the latest iOS version to mitigate these risks.

How to Protect Yourself

To safeguard against the DarkSword exploit, it is crucial to keep your iPhone or iPad updated with the latest software. Apple emphasizes that updating your device is the most effective way to maintain security. Users can also enable Lockdown Mode, which provides an additional layer of protection against such attacks.

If you suspect that your device may be compromised, consider performing a factory reset after backing up important data. Additionally, be cautious of suspicious links or downloads that may lead to malware infections. Staying informed about the latest security threats and best practices is essential in today’s digital landscape.

🔒 Pro insight: The leak of DarkSword highlights the urgent need for proactive device management among users of legacy iOS versions to prevent exploitation.

Original article from TechCrunch Security · Lorenzo Franceschi-Bicchierai, Zack Whittaker
