The common assumption among iPhone security experts has been that finding vulnerabilities and developing exploits for iOS was difficult, requiring a lot of time, resources, and teams of skilled researchers to break through its layers of security defenses. That meant iPhone spyware and zero-day vulnerabilities, which aren’t known to the software vendor before they are exploited, were rare and only used in limited and targeted attacks, as Apple itself says.
But in the last month, cybersecurity researchers at Google, iVerify, and Lookout, have documented several broad-scale hacking campaigns using tools, known as Coruna and DarkSword, which have been near-indiscriminately targeting victims around the world who are not yet running Apple’s most up-to-date software. Some of the hackers behind these attacks include Russian spies and Chinese cybercriminals, and target their victims via hacked websites or fake pages, allowing them to potentially steal phone data from a large number of victims.
