Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild
Andy Greenberg · WIRED
Researchers at Google and cybersecurity firms iVerify and Lookout on Wednesday jointly revealed the discovery of a sophisticated iPhone hacking technique known as DarkSword that they’ve seen in use on infected websites, capable of instantly and silently hacking iOS devices that visit those sites. While the technique doesn’t affect the latest, updated versions of iOS, it does work against iOS devices running versions of Apple’s previous operating system release, iOS 18
· · ·
the hackers who carried out that espionage campaign left the full, unobscured DarkSword code—complete with explanatory comments in English that describe each component and include the “DarkSword” name for the tool—available on those sites for anyone to access and reuse. That carelessness, he says, practically invites other hacker groups to adopt it and target other iPhone users. “Anyone who manually grabbed all the different parts of the exploit could put them onto their own web server and start infecting phones. It’s as simple as that,” says Frielingsdorf. “It’s all nicely documented, also. It’s really too easy.”
· · ·
“Instead of using a spyware payload to brute force your way through the file system—which leaves tons of artifacts of exploitation that are pretty easy to detect—this just uses system processes the way they’re meant to be used,” iVerify’s Cole says. “And it leaves far fewer traces.”
· · ·
“People assumed that it was just going to be journalists or activists or maybe an opposition politician that was targeted, and that this wasn’t a concern for a normal citizen,” says Justin Albrecht, who leads mobile threat intelligence at Lookout. “Now that we see iOS exploits being delivered through an unscrupulous broker, there’s a whole market here for this to get to cybercriminals” who will use it with far less discretion.
· · ·
“If this one gets burned, I’ll just go get another one,” Cole says, describing the hackers’ apparent thinking. “They know there’s more where this came from.”
Quoted at length because paywall. WIRED’s reporting has been good as of late, and my subscription was absurdly inexpensive. Consider it if this is your kinda thing.