Security researchers identified leaked exploit kits targeting Apple devices, including iPhones and iPads. Tools, known as Coruna and DarkSword, were previously used in government-linked operations. Exposure of the code increases risks for devices running older versions of iOS. Researchers said vulnerabilities affect a wide range of software versions.

Unprecedented Threat To Apple Users

Leak expands the scope of attacks beyond targeted campaigns. Earlier incidents focused on specific groups, including users in China and Hong Kong. Current exposure makes the tools accessible to a broader set of actors. Risk now extends to general users with unpatched devices.

Follow THE FUTURE on LinkedIn, Facebook, Instagram, X and Telegram

Anatomy Of Coruna And DarkSword

Coruna targets devices running iOS 13 through iOS 17.2.1. DarkSword affects more recent versions, including iOS 18.4 and 18.7. Parts of the DarkSword code are publicly available online. Availability lowers the barrier to deploying attacks.

Methodology Of The Attacks

Exploits rely on multiple vulnerabilities within iOS. Attacks often begin when users access compromised websites. Once a device is compromised, attackers can access data such as messages, location and browsing activity. Information may be transferred to external servers.

Origins And Proliferation Of The Tools

Investigations link parts of Coruna to Trenchant, a unit within L3Harris that developed exploit capabilities for government use. Some elements were previously associated with Operation Triangulation. Leak shows how state-developed tools can circulate beyond their original context. Distribution increases exposure across different threat environments.

The Leak And Its Implications

Recent tests conducted by independent researchers have demonstrated that the DarkSword kit, now effectively a plug-and-play instrument for cybercriminals, can exploit older versions of iOS with ease. Despite GitHub’s stance on preserving code for educational and security research purposes, the availability of such a potent tool heightens the risk of widespread data breaches. Experts compare this situation to the infamous WannaCry ransomware attack, which exploited a leaked NSA tool to cause global disruption in 2017.

Mitigation And Protection Strategies

Apple recommends updating devices to the latest software versions. Updated systems include protections against known vulnerabilities. Users can also enable Lockdown Mode for additional security. The feature is designed for high-risk scenarios but is available to all users.

Maintaining A Secure Digital Environment

Users are advised to apply software updates and monitor device security settings. Risks remain higher for outdated systems. Security depends on timely updates and awareness of potential threats.