The exploit, revealed last week by Google’s Threat Intelligence Group, is now publicly available on GitHub, increasing the urgency for older iPhones and iPads to run the latest available iOS and iPadOS versions. Here are the details.
’This is bad’
In recent weeks, Google’s Threat Intelligence Group, iVerify, and Lookout revealed details of two exploits, Coruna and DarkSword, that chain multiple iOS and iPadOS vulnerabilities to compromise outdated iPhones and iPads.
In a nutshell, both exploits rely on WebKit and other vulnerabilities that Apple recently patched with iOS 16.7.15, iOS 15.8.7, iPadOS 16.7.15, and iPadOS 15.8.7, allowing attackers to steal user data or gain full control of a device.
Following the disclosure of both exploits, Apple published a support document stressing the importance of keeping devices up to date, even if they can’t run iOS 26 or iPadOS 26. Apple also added that Lockdown Mode can further curb hacking attempts.
Now, as spotted by TechCrunch, “someone has leaked a newer version of DarkSword and published it on the code-sharing site GitHub,” which essentially means attacks exploiting these vulnerabilities are very likely to increase.
From TechCrunch:
When asked about the leak, Matthias Frielingsdorf, co-founder of iVerify, told TechCrunch:
TechCrunch contacted Apple and Microsoft (which owns GitHub) about the exploit. While Microsoft did not immediately respond, Apple said the company “was aware of the exploit targeting devices running older and out-of-date operating systems and issued an emergency update on March 11 for devices unable to run recent versions of iOS.”
To read TechCrunch’s full report, follow this link.
