Cybersecurity experts have recently identified a series of cyberattacks targeting Apple users globally, employing sophisticated hacking tools named Coruna and DarkSword. These tools have been utilized by both state-sponsored actors and cybercriminals to extract sensitive information from iPhones and iPads.
Historically, significant cyberattacks targeting Apple devices have been infrequent, with notable incidents primarily involving the persecution of Uyghur Muslims in China and activists in Hong Kong. However, the emergence of Coruna and DarkSword introduces a new threat that could jeopardise millions of devices, particularly those running outdated iOS versions.
Coruna and DarkSword are advanced toolkits containing multiple exploits that allow unauthorized access to iPhones and iPads. Research indicates that Coruna can compromise devices operating on iOS versions from 13 to the recent 17.2.1, while DarkSword targets newer models running iOS 18.4 and 18.7. Alarmingly, parts of DarkSword have been leaked on GitHub, enabling potential misuse by anyone with the technical know-how to launch attacks against users of older iOS versions.
The operations of Coruna and DarkSword are particularly concerning due to their indiscriminate nature; infections can occur merely by visiting compromised websites. Once a device is breached, hackers can exploit vulnerabilities within the iOS, enabling them to seize control and extract a range of private data, including messages and location histories.
The origins of these hacking tools point to a troubling proliferation of previously secret government-developed exploits, with Coruna allegedly linked to Trenchant, a spyware unit of U.S. defence contractor L3Harris. These tools appear to have fallen into the hands of various espionage groups, including those from Russia and China, through underground markets. Similarly, DarkSword’s development history remains unclear, though it has reportedly been used in attacks across several countries, including China, Malaysia, and Turkey.
The leak of DarkSword on GitHub, whose specifics remain murky, raises alarms as the code, written in widely used web languages, is now easily accessible for malicious intent. Justifying its presence, GitHub maintains that while it prohibits active malware support, sharing such code can serve educational purposes within the cybersecurity community.
Users concerned about their vulnerabilities should update their devices immediately. Apple asserts that those using the current versions of iOS are safeguarded against these threats. Yet, statistics reveal that a significant number of Apple devices are not running the latest version, which could expose hundreds of millions of users to these newly discovered risks.
For those unable or unwilling to upgrade, Apple recommends enabling Lockdown Mode, an enhanced security feature designed to thwart attacks, particularly for individuals at heightened risk such as activists and journalists. While Lockdown Mode is not foolproof, evidence suggests it remains effective against known exploits, providing vital protection for those concerned about potential cyberattacks.
In summary, the emergence of Coruna and DarkSword necessitates immediate action from Apple users to mitigate risks associated with outdated software and to enhance security with available protective measures.
Fanpage: TechArena.au
Watch more about AI – Artificial Intelligence
