Russians caught stealing personal data from Ukrainians with new advanced iPhone hacking tools | TechCrunch

Summary

Russian government hackers deployed a new iPhone hacking toolkit called 'Darksword' to target Ukrainian users, stealing personal data and potentially cryptocurrency. This follows the earlier discovery of a related toolkit called 'Coruna' that was originally developed by US defense contractor L3Harris but later used by Russian operatives.

Key Points

• Darksword is a sophisticated, modular iPhone exploit kit designed for quick 'smash-and-grab' data theft rather than persistent surveillance
• The malware targeted users visiting Ukrainian websites from within Ukraine, stealing passwords, messages, photos, and cryptocurrency wallet data
• This represents the second advanced iPhone hacking toolkit discovered targeting Ukrainians, suggesting such tools may be more common than previously thought

Takeaways

• Organizations should implement geo-blocking and enhanced web security measures for users in conflict zones where nation-state actors are actively targeting local populations
• The discovery of multiple sophisticated iPhone exploit kits indicates a need for increased mobile security awareness and regular device integrity checks, particularly for high-risk users

Topics: nation-state-threats, mobile-security, iOS-exploits, espionage, cryptocurrency-theft