Apple Urges iPhone Users to Update Amid Security Threats
Apple is advising users to update their iPhones following recent cybersecurity research indicating that Russian intelligence, Chinese cybercriminals, and other hackers are employing tools known as DarkSword and Coruna to exploit older iOS versions.
Cybersecurity Firms Unveil Exploit Kits
Details about these exploit kits were unveiled this month by Google alongside cybersecurity firms iVerify and Lookout. These tools provide hackers with extensive remote access to compromised devices, enabling them to sift through sensitive information.
Capabilities of DarkSword and Coruna
According to iVerify’s recent press release, DarkSword functions as a surveillance tool that captures a wide array of data, including Wi-Fi passwords, text messages, call history, location routes, browser history, SIM card details, cellular data, health records, notes, and calendar entries.
Older Devices at Greater Risk
Apple spokeswoman Sarah O’Rourke emphasized that these tools exploit vulnerabilities in older versions of Apple’s operating systems, underscoring the necessity for regular software updates. She stated, “Keeping software up to date remains the most important thing users can do to keep their Apple devices highly secure.”
Concerns About Targeted Attacks
This recent development has alarmed industry experts. While Apple is generally recognized for its security measures, devices running older software versions remain susceptible to potential hijacking. Research indicates that specific demographics, such as cryptocurrency users in China and individuals in Saudi Arabia, Türkiye, and Malaysia, are particularly targeted by these hacking tools.
Widespread Mobile Security Challenges
John Scott Railton, a senior researcher at Citizen Lab, noted that while no evidence currently shows Americans have been targeted, the possibility exists. He remarked on the decreasing barrier for extensive mobile attacks, indicating that the situation is likely to escalate, making it increasingly difficult for average users to detect these attacks.
Apple’s Protective Measures and Technique Insights
In response to these threats, Apple launched its latest operating system, iOS 26, in September, which offers enhanced protection against these hacking attempts. Additionally, the company took the unusual step last week of rolling out a special update for older devices that prevents the exploitation of these hacking tools.
Complex Nature of Mobile Hacks
Research into the tactics behind these campaigns reveals that they often rely on ‘watering hole’ attacks, where malicious code is embedded in hacked or specially crafted websites targeting mobile devices. Despite significant technical challenges, the campaigns utilizing DarkSword and Coruna leverage a complex series of exploits to achieve control over their targets.
Origins of the Hacking Tools
The tool Coruna has a troubling background; it was linked to Peter Williams, a former executive at military contractor L3Harris, who pleaded guilty last year to selling hacking tools to Russian brokers. Introduced by Russian-linked hackers last summer, this tool initially targeted Ukrainians before it fell into the hands of Chinese cybercriminals, who began using it to create misleading websites aimed at stealing cryptocurrencies.
Targeting Vulnerabilities in Cryptocurrency
Cryptocurrencies like Bitcoin are prime targets for cybercriminals due to the ease of transferring funds and the limited chances for victims to recover lost assets. While the origins of DarkSword remain obscure, it too has been linked to Russian intelligence, with reports indicating its extensive use against individuals in Ukraine, Malaysia, Saudi Arabia, and Turkey.
Rethinking iPhone Security Perceptions
Rocky Cole, COO of iVerify, highlighted the need to reassess the notion that merely owning an iPhone guarantees immunity from cyber threats. He expressed that a misconception exists within the security community regarding the rarity of attacks on iPhones, noting that the reality is far more concerning and widespread than many realize.
