Google's Threat Intelligence Group (GTIG) has detected a dangerous piece of malware that is targeting iPhone users worldwide. Google has codenamed this attack 'DarkSword.' This malware is so sophisticated that simply visiting a malicious website is enough to compromise and steal your personal data. Let's understand what this malware is, how it operates, and how you can protect yourself from it.

**What is DarkSword, and how does it work?**
The mechanism by which this malware operates is straightforward yet extremely dangerous. If you inadvertently open an infected website on your iPhone—even by mistake—this spyware begins stealing your data in the background the moment the page loads. The most alarming aspect is that it neither requests your permission nor issues any warning. All of this occurs so silently and rapidly that the user remains completely unaware that their phone has been compromised.

**Who is behind this attack?**
According to research conducted by Google and other security firms, this malware has ties to Ukraine. A hacker group known as UNC6353 is believed to be behind this attack. The primary objective of these hackers is not to maintain a persistent presence on your device, but rather to rapidly exfiltrate data and then vanish, erasing all traces of their activity.

**Which iPhones are most at risk?**
According to Google's report, this malware exploits vulnerabilities present in older versions of Apple's operating system. Consequently, users whose iPhones are running on iOS versions ranging from 18.4 to 18.7 face the highest risk from this threat.

**What can hackers steal?**
By breaching your device, the DarkSword malware can steal highly sensitive and private information in a matter of moments. Once active on the phone, it gains easy access to your saved passwords, photos stored in your gallery, and even your internet browsing history. The threat is not limited to this alone. This malware is also capable of extracting your private messages from apps such as WhatsApp and Telegram. Furthermore, in some instances, it is fully capable of stealing details regarding your cryptocurrency wallets. Simply put, this cyberattack by hackers is not confined merely to spying on you; rather, it is part of a conspiracy designed to inflict severe financial losses upon you.

Why is it so dangerous?
According to a Google blog post, this malware bears a resemblance to an older toolkit known as the 'Corona Exploit Kit.' It employs a 'fileless method,' which means it does not download any new apps or files onto your phone. Instead, it utilizes tools already present on your device to steal data and subsequently erases all traces of its activity. Even if you restart your phone, detecting this hack becomes nearly impossible.

How to stay safe?
To protect yourself from this dangerous malware, you must take certain essential steps immediately. First, navigate to your phone's settings to check if any new updates are available, and promptly update your device to the latest iOS version. If, for technical reasons, you are currently unable to update your phone, go to your security settings and enable 'Lockdown Mode,' as this significantly enhances your device's security. Additionally, exercise extreme caution while browsing the internet, and under no circumstances should you click on links to any suspicious or unfamiliar websites.

PC Social Media