Summary
**Coruna** and **DarkSword** are advanced iPhone hacking toolkits that have leaked online, exposing **hundreds of millions** of devices to data theft. Security researchers from Google and other firms have identified these tools as being used by **government spies** and **cybercriminals** to steal messages, location data, and cryptocurrency from iOS users. The **DarkSword** variant, which targets iOS 18.4-18.7 devices, was **leaked on GitHub**, making it accessible to anyone with basic technical skills. This represents a **critical vulnerability** in Apple's security framework, as the exploits can be triggered by visiting **malicious websites**. The leak raises urgent questions about **state-sponsored surveillance** and the **security of consumer electronics**. [[~apple|Apple]] has not yet issued a public response, but experts warn that users running outdated iOS versions are at **immediate risk**. [[~ios|iOS]] users should update their devices immediately and avoid visiting untrusted websites. [[~github|GitHub]] has removed the leaked code, but the damage could already be done. [[~cybersecurity|Cybersecurity]] experts are now scrambling to assess the full scope of the breach.
Key Takeaways
- DarkSword and Coruna are advanced iPhone hacking tools targeting iOS 13-18.7
- The DarkSword exploit was leaked on GitHub, making it accessible to non-technical attackers
- Apple has not yet issued a public response to the breach
- Users running outdated iOS versions are at immediate risk of data theft
- Security researchers warn of potential mass surveillance using these tools
Balanced Perspective
**Coruna** and **DarkSword** are confirmed to target **iOS 13-17.2.1** and **iOS 18.4-18.7** devices, respectively, with **specific exploit chains** identified by security researchers. The **GitHub leak** of DarkSword is a verified fact, as the code was publicly accessible for several hours before being removed. **Apple** has not officially acknowledged the breach, but its **security updates** typically address such vulnerabilities within weeks. The **number of affected users** is estimated at **hundreds of millions**, but this figure is based on **security firm estimates** rather than official data. **Government agencies** may have used these tools for surveillance, but there is no confirmed evidence of **state-sponsored hacking** in this case. [[~ios|iOS]] users running **up-to-date software** are not at risk, but those with **older devices** should update immediately. [[~github|GitHub]] has taken steps to remove the leaked code, but the **potential for reuse** remains a concern.
Optimistic View
**Apple's security framework** remains robust despite this breach, as the tools only target **outdated iOS versions**. The **leak on GitHub** may have been a temporary exposure, and Apple could release emergency patches within days. **Security researchers** are already working to identify and neutralize the exploits, which could lead to **improved iOS defenses** in the long term. The **public disclosure** of these tools may also pressure **government agencies** to adopt stricter oversight of surveillance technologies. [[~apple|Apple]] has a track record of responding swiftly to vulnerabilities, and this incident could ultimately strengthen **user trust** in its security protocols. [[~ios|iOS]] users who update their devices will be protected, and the **open-source community** may develop new tools to detect and block these exploits. [[~cybersecurity|Cybersecurity]] firms are already offering free audits to help users secure their devices.
Critical View
**DarkSword**'s availability on **GitHub** represents a **critical security failure**, as it allows **non-technical attackers** to launch sophisticated data theft campaigns. The **leak of exploit code** could enable **state-sponsored actors** to target **political dissidents** or **journalists** using **outdated devices**. **Apple's delayed response** to this breach may erode **user trust** in its security promises, especially given the **history of iOS vulnerabilities**. The **potential for mass surveillance** is particularly alarming, as these tools can **steal cryptocurrency** and **location data** without user interaction. **Security researchers** warn that the **exploit chains** may have been used in **previous attacks**, and the **public disclosure** could accelerate **malware development**. [[~ios|iOS]] users who fail to update their devices risk **permanent data loss**, and **government agencies** may exploit this vulnerability for **surveillance purposes**.
Source
Originally reported by TechCrunch