Recent findings in cybersecurity have challenged the longstanding belief that vulnerabilities in iOS are difficult to exploit, mostly due to Apple’s robust security measures. Traditionally, it was thought that cases of spyware and zero-day vulnerabilities—flaws unknown to the vendor until exploited—were infrequent and primarily reserved for targeted attacks. However, research from Google, iVerify, and Lookout revealed that hacking campaigns involving tools named Coruna and DarkSword have been indiscriminately targeting users globally, particularly those running outdated versions of iOS.
These hacking efforts reportedly involve actors from Russia and China using compromised websites or counterfeit pages to harvest data from unsuspecting victims. Alarmingly, components of these malicious tools have leaked online, enabling others to conduct attacks against Apple users without sophisticated resources.
Apple has endeavoured to bolster its security frameworks with initiatives like Memory Integrity Enforcement, introduced with the latest iPhone 17 models running iOS 26. This feature aims to protect against common vulnerabilities that exploits, including those used by DarkSword, typically exploit. Unfortunately, many older iPhone users, still operating on iOS 18 or earlier versions, remain susceptible to these threats.
As it stands, there is now a disparity in the security of iPhone users: those equipped with the latest models benefit from advanced protections, while a significant number of users with outdated software continue to be at risk from memory-based attacks.
The emerging presence of tools like Coruna and DarkSword suggests that memory corruption exploits could rise in frequency, undermining the belief that iPhones are immune to hacking. Analysts from iVerify and Lookout indicate that mobile attacks are becoming “widespread”, although those relying on zero-day vulnerabilities for the latest software will likely remain premium targets, not typically used for mass hacking.
Despite the portrayal of iPhone hacks as rare or sophisticated, Apple security expert Patrick Wardle argues that it’s a misconception. While attacks may not always be captured in documentation, he notes they likely exist in some form, highlighting that sophistication is often taken for granted as a baseline capability that many countries can exploit.
Compounding these issues is a burgeoning second-hand market for exploits, giving developers and brokers financial motivation to repurpose and resell vulnerabilities, especially after they’ve been patched. Justin Albrecht from Lookout underscores that these developments signify a shifting landscape, hinting that users should expect more exploits in the future.
Overall, the evidence points towards a notable increase in cyber threats against iPhone users, particularly those on outdated software, necessitating a reconsideration of the narrative surrounding iPhone security and vulnerabilities.
Fanpage:Â TechArena.au
Watch more about AI – Artificial Intelligence
