"DarkSword is a "fileless" hack that leverages a collection of exploits to access sensitive data when an iPhone visits an infected website. Rather than install spyware that hangs around on a user's phone after messages and other private information are stolen, fileless hacks like DarkSword take control of "the legitimate processes in an iPhone's operating system to steal data.""
"The hack starts as soon as an iOS device encounters an "malicious iframe embedded in a web page," after which it works its way through your iPhone, gathering sensitive information like passwords before deleting itself. DarkSword can abscond with things like messages and iCloud content, but it's also specifically designed to access crypto currency wallets."
"DarkSword has reportedly been used in Ukraine, Saudi Arabia, Malaysia, Turkey and Russia, and its origins could be tied to a different hacking toolkit called Coruna that TechCrunch reports may have been created for the US government by a company called Trenchant."
DarkSword is a sophisticated fileless hacking technique discovered by Google, Lookout, and iVerify that targets multiple iOS 18 versions. The hack operates by embedding malicious iframes in web pages, which then exploit legitimate iPhone operating system processes to steal sensitive data including passwords, messages, iCloud content, and cryptocurrency wallets. Unlike traditional spyware, DarkSword leaves no traces after completion by automatically deleting evidence of its presence. The technique has been used in Ukraine, Saudi Arabia, Malaysia, Turkey, and Russia. Its origins may be connected to a hacking toolkit called Coruna, potentially developed for government use, but became widely accessible after Russian users published its source code online.
Read at Engadget
Unable to calculate read time
Collection
[
|
...
]