tldrdailynews.com logo

DarkSword: High-End iOS Exploit Kit Uses Zero-Days for Rapid Device Takeover

1 min read
Source: The Hacker News
DarkSword: High-End iOS Exploit Kit Uses Zero-Days for Rapid Device Takeover
Photo: The Hacker News
TL;DR Summary

DarkSword is a JavaScript-based iOS exploit kit targeting iPhones on iOS 18.4–18.7 via watering-hole campaigns, chaining six vulnerabilities to achieve remote code execution, escaping the WebContent sandbox through the GPU into mediaplaybackd, escalating to kernel privileges, and then loading a data-collection module to exfiltrate a wide range of information (including emails, iCloud data, messages, wallet data, photos, contacts, and more) before cleaning up. Used by UNC6353 and linked groups such as UNC6748 and PARS Defense, the kit underscores a growing market for high-end iOS exploits and rapid, non-persistent data theft.

Topics:technology#data-exfiltration#exploit-kit#ios#security#watering-hole#zero-day
Share this article
  1. DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover  The Hacker News
  2. Second iOS exploit kit now in use by suspected Russian hackers  CyberScoop
  3. Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild  WIRED
  4. Hackers target millions of iPhones with new DarkSword spyware  Mashable
  5. Researchers uncover iPhone spyware capable of penetrating millions of devices  Reuters

Reading Insights

Total Reads

0

Unique Readers

12

Time Saved

7 min

vs 8 min read

Condensed

94%

1,40990 words

Want the full story? Read the original article

Read on The Hacker News