 |
The DarkSword exploit toolkit has been leaked online. Image: Malwarebytes . |
A new version of the iPhone hacking toolkit called DarkSword has been leaked and publicly posted on the source code sharing platform GitHub. Cybersecurity experts warn that hackers could use this tool to attack iPhone and iPad users running older operating systems.
DarkSword was first discovered in mid-March during an attack campaign targeting iPhone users. According to Apple's data, approximately one-quarter of all iPhone and iPad users are still running iOS 18 or older. With over 2.5 billion active devices, the number of affected users could reach hundreds of millions.
"The situation is very bad. They are too easy to reuse. I don't think it's controllable anymore. We need to prepare for cybercriminals to start deploying these tools," said Matthias Frielingsdorf, co-founder of mobile security company iVerify.
Frielingsdorf stated that the new version of DarkSword shares the same infrastructure as previous versions that the iVerify team analyzed. The files uploaded to GitHub are simply HTML and JavaScript. Anyone can copy, paste, and deploy them to a server in minutes.
"The exploit code works immediately without requiring any iOS expertise," Frielingsdorf emphasized.
Google, which previously analyzed DarkSword, also agrees with this assessment. Kimberly Samra, a Google spokesperson, confirmed that the company's researchers share the same conclusion.
A security expert with the username matteyeux also confirmed the ease of using DarkSword. This person stated that they successfully hacked an iPad mini running iOS 18 using the DarkSword sample circulating online.
According to source code analysis, DarkSword is capable of reading and stealing data from iOS devices via the HTTP protocol. After infiltration, the malware collects contacts, messages, call history, and iOS Keychain data. Keychain stores Wi-Fi passwords and other sensitive information. All of this data is sent to a server controlled by the attacker.
Sarah O'Rourke, an Apple spokesperson, said the company was aware of the exploit code targeting devices running older operating systems. Apple released an emergency update on March 11 for devices unable to run the latest version of iOS.
"Updated software is the most important thing Apple users can do to protect their devices," O'Rourke advised. She also stated that updated devices are not affected. Lockdown Mode can also block these attacks.
The DarkSword leak occurred just weeks after researchers discovered another advanced iPhone hacking toolkit called Coruna. Coruna was developed by defense contractor L3Harris for the US government and its allies.
Experts recommend that all iPhone users upgrade their operating system to the latest version immediately.
Source: https://znews.vn/ma-khai-thac-iphone-ro-ri-hang-tram-trieu-thiet-bi-gap-nguy-post1637663.html
![[Image] Nguyen Tat Thanh Street is expected to be widened, reducing traffic congestion.](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2026/03/24/1774326200262_ndo_br_3-6869-jpg.webp)
Comment (0)