Friends, in today’s modern era, as easy as tasks have become, the danger has also increased, we often become victims of cyber threats like spyware and malware, even a small mistake—like clicking on a bad website—can put your personal data in serious danger. Recently, security researchers have discovered a new spyware toolkit named DarkSword, which can hack an iPhone just by visiting a malicious website. This advanced cyber-attack technique targeted some versions of iOS 18, let’s know its complete details.
Serious threat to security from iPhone spyware
Cybersecurity experts from the Google Threat Intelligence Group, working with Lookout and iVerify, identified a new “full-chain exploit” used in this attack campaign.
It is reported that people of Ukraine were targeted in this attack.
It exploits several zero-day vulnerabilities—deficiencies in security that were not previously known.
By combining multiple bugs, attackers can gain complete control over the iPhone.
A full-chain exploit means that hackers combine multiple vulnerabilities together so that a single visit to a malicious webpage compromises the entire device.
How does the Darksword attack work?
The spyware attack starts inside Safari, specifically the JavaScriptCore engine used in Apple’s WebKit browser framework.
The attack chain works like this:
Malicious Website Trigger – This exploit is activated when a user visits a compromised webpage.
JavaScript Engine Exploit – Vulnerability in JavaScriptCore could allow attackers to run malicious code.
GPU Process Infection – The attack then spreads to the GPU process of the device.
Privilege Escalation – Hackers gain deeper access by targeting the iOS system service media playback.
Kernel Exploit – Finally, a kernel vulnerability allows attackers to take complete control of the device.
What data can spyware steal
Once installed, DarkSword can secretly collect sensitive user data, including:
Saved Passwords
Photos and media files
browsing history
Messages from apps like WhatsApp and Telegram
This makes it very dangerous because attackers can access both personal and private conversations.
Apple has released a security fix
The good news is that Apple has already patched the vulnerabilities affecting some versions of iOS 18. Users are advised to update their iPhone immediately to avoid possible cyber-attacks.
Safety tips for iPhone users
Always keep your iPhone updated to the latest iOS version.
Avoid clicking on suspicious or unknown links.
Use a trusted network when browsing the Internet.
Turn on extra security features like two-factor authentication.
Staying alert and keeping your device updated are the best ways to protect your iPhone from advanced spyware attacks like DarkSword.
-
Packaged drinking water prices rise in Tamil Nadu amid West Asia tensions
-
Former Punjab minister arrested in connection with warehousing official's death by suicide
-
Recruitment has opened for non-teaching positions at the Central Sanskrit University; the deadline to apply is April 16..
-
LPG: How many LPG cylinders can you book in a single month? Learn about the new rules for booking LPG cylinders..
-
MPPSC has announced vacancies for 81 posts; do not let this golden opportunity to secure a government job slip through your fingers..
