Ubuthakathaka obaziwa ngokuthi Inkemba Emnyama Sekungenye yezehlakalo zokuphepha ezimbi kakhulu ezithinte ama-iPhone muva nje. Abacwaningi abavela ku-Google, iVerify, kanye ne-Lookout babhale phansi ukuthi lolu chungechunge lwe- ukuxhashazwa kwe-zero-click Ivumela ukulawula amadivayisi nge-iOS 18 ngokulayisha ikhasi lewebhu elinegciwane, ngaphandle kokuthi umuntu acindezele noma yini noma avule izixhumanisi ezisolisayo.
Leli cala libangele imisindo emphakathini wezokuphepha kwe-inthanethi waseYurophu, ngoba amakhulu ezigidi zama-iPhone Izinguqulo ezisengozini ze-iOS 18 zisasebenza emhlabeni wonke. Nakuba i-Apple isivele ikhiphe ukulungiswa kanye nama-patches eziphuthumayo, ukwamukelwa kwezinguqulo zakamuva kuhamba kancane kunokulindelekile, ngokwengxenye ngenxa yokungabaza ngokuthi kanjani phatha isikhala, okugcina indawo yokuhlasela enkulu kokubili eYurophu nakwezinye izimakethe.
Iyini ngempela i-DarkSword futhi kungani ibangela ukukhathazeka okungaka?
I-DarkSword akuyona iphutha elilula elihlukile, kodwa ikhithi ephelele yokuhlasela ye-iOS Yakhelwe ukulimaza ama-iPhone ngaphandle kokuxhumana komsebenzisi. Ukuhlaziywa kobuchwepheshe kukhombisa ukuthi ithuluzi lijikeleza ubuthakathaka obuyisithupha bezinsuku ezingenalutho ukusuka kusiphequluli se-Safari kuya ku-kernel yesistimu yokusebenza uqobo, ukuthola amalungelo anele okufinyelela cishe lonke ulwazi olukudivayisi.
Umkhankaso wokuqala utholwe ku- Amawebhusayithi amaningi ase-Ukraine asemthethweni lokho okwakushintshiwe. Ukufinyelela nje elinye lalawo makhasi kusuka ku-iPhone enegciwane kwakwanele ukuqala uchungechunge lokuxhaphaza ngemuva. Ukusuka lapho, i-DarkSword yayingafunda imiyalezo ye-iMessage, i-WhatsApp, kanye ne-Telegram, ibuke umlando wokuphequlula, ibuke amanothi, imicimbi yekhalenda, noma ifinyelele ngisho namarekhodi avela kuhlelo lokusebenza lwe-Apple's Health.
Esinye sezici ezikhathaza kakhulu abacwaningi ukuthi ukuhlaselwa kusetshenziswe ngezinga elikhulu hhayi kuphela ngokumelene nezinhloso ezidumile. Ngokusho kwedatha eqoqwe yi-iVerify kanye ne-Lookout, phakathi kwezigidi ezingama-220 nezingama-270 zama-iPhone Baqhubeka nokusebenzisa izinguqulo ze-iOS 18 ezisengozini, empeleni ezimele cishe u-14-25% wemikhumbi ye-iPhone esebenzayo.
Ngaphezu kwalokho, i-DarkSword ithembele ekwakhiweni kwamamojula angemva kokuxhashazwa—okukhulunywa ngawo ngabahlaziyi abanamagama ekhodi anjenge- I-GHOSTBLADE, Ummese we-GHOST noma i-GHOSTSABER— abanomthwalo wemfanelo wokuqoqa nokupakisha ulwazi olubiwe ngesikhathi esifushane kakhulu, into ekhangayo kakhulu emikhankasweni yobunhloli kanye ukwebiwa kwemali yedijithali.
Indlela okuhlasela ngayo: kusukela ku-Safari kuya ku-iOS core
I-DarkSword isebenza ngokusebenzisa uchungechunge lobuthakathaka bokuphepha oluxhunywe ngokulandelana. Iphuzu eliyinhloko lokungena yi- Isiphequluli seSafari noma iyiphi ingxenye eveza okuqukethwe kwewebhu. Uma ikhasi elisengozini lilayisha, ikhodi eyenzelwe ngqo ukusebenzisa ubuthakathaka enjinini yeJavaScript nakwezinye izingxenye zesiphequluli iyasetshenziswa.
Uma leso sigaba sokuqala sesiphumelele, ukuxhashazwa kuqhubekela phambili ezingqimbeni ezijulile zesistimu, kusizakale ngobuthakathaka obengeziwe kuze kube yilapho kufezwa. ukusetshenziswa kwekhodi ngamalungelo aphezuluNgalelo zinga lokufinyelela, umhlaseli angafunda izizindalwazi zangaphakathi, akhiphe izinkinobho zephasiwedi, abukeze izingxoxo, futhi ahlole amafayela avame ukuvikelwa ngisho nasezinhlelweni zokusebenza zomsebenzisi.
Indlela iwuhlobo engenafayelaNgamanye amazwi, i-DarkSword igwema ukufaka izinhlelo zokusebenza ezibonakalayo noma amafayela aqhubekayo. Kunalokho, ibamba izinqubo zesistimu yokusebenza, ikhiphe imiyalo enobungozi kwimemori, futhi isule yonke iminonjana ngemizuzu embalwa. Lokhu kuziphatha "kokushaya nokugijima" kwenza ukutholakala kube nzima kakhulu, ngisho nasezixazululweni ezikhethekile, ngoba ngemva kokuqala kabusha ifoni, azikho izimpawu ezicacile zokungena.
Le ndlela yokusebenza ikhumbuza amasu akudala asetshenziswa ekuhlaselweni kwamakhompyutha okuthuthukile, kodwa avumelaniswe ne-Apple ecosystem. Eqinisweni, abacwaningi bagcizelela lokho Azikho izinkomba ezijwayelekile ze-spyware yabahlali ezibonweLokhu kushintsha kakhulu imithetho yomdlalo kulabo abajwayele ukufuna izinhlelo zokusebenza ezisolisayo kudivayisi yabo.
Izinguqulo ze-iOS ezithintekile kanye nokufinyelela emhlabeni jikelele
Amagagasi okuqala e-DarkSword ayeqondiswe kakhulu ku Ama-iPhone ane-iOS 18Imibiko evela ku-Google, Lookout, kanye ne-iVerify ikhomba njalo izinguqulo eziphakathi I-iOS 18.4 kanye ne-iOS 18.6.2 njengowonakele kakhulu emikhankasweni etholakele. Ezinye izihlaziyi zikhuluma nangokulungiswa okungaphelele ku-iOS 18.7.2, kanti ezinye zibeka ukuvalwa okuphelele kobuthakathaka ku-iOS 26 nakamuva.
Kunoma ikuphi, isithombe esidwetshwe yidatha sicacile: Amadivayisi amaningi kakhulu asasebenza ku-iOS 18Lokhu kungenxa yokuthi abanikazi babo abakathuthukeli ezinguqulweni zakamuva noma ngoba bakhetha ukugwema izinguquko zesikhombimsebenzisi. Lesi simo asigcini nje ngokuthinta abasebenzisi ezindaweni ezingqubuzanayo, kodwa futhi sithinta nezigidi zabantu e-European Union naseSpain abasebenzisa ama-iPhone abo nsuku zonke ukuze basebenzise amabhange, ukuhlonza ngedijithali, noma ukusayina nge-elekthronikhi.
Abacwaningi babhale phansi ukusetshenziswa kwe-DarkSword kusukela okungenani ngasekupheleni kuka-2025Nakuba ukutholakala kokuqala kwenzeke ezindaweni zase-Ukraine, imikhankaso yokulwa nezinhloso [ezingachazwanga] yatholakala ngokushesha. ISaudi Arabia, Türkiye kanye neMalaysiaEzimweni eziningana zalezi, ukuxhashazwa kwafakwa kumawebhusayithi asemthethweni, njengezingosi zezindaba noma amasayithi okuphatha, kusetshenziswa idumela lawo elihle ukuze lingabonwa.
EYurophu, ingozi ayiqondile kodwa ibaluleke kakhulu: noma yimuphi umsebenzisi ovakashela amakhasi asengozini abanjwe ngaphandle kweYurophu, noma oxhuma ngamanethiwekhi aphesheya, angagcina elande ikhodi enonya. Ngaphezu kwalokho, iqiniso lokuthi i-DarkSword iyikhithi engasetshenziswa kabusha landisa amathuba okuthi ekugcineni izohlanganiswa ku-[okungacacile/okungacacile]. imikhankaso ebanzi yobugebengu be-inthanethi, okuhlanganisa nalezo ezihlose ukweba ama-akhawunti asebhange aku-inthanethi kanye nama-wallet e-cryptocurrency asetshenziswa izakhamuzi zaseYurophu.
Ubani obangela iDarkSword futhi buyini ubudlelwano babo neCoruna?
Ingxenye ebalulekile yokuqonda umthelela we-DarkSword umongo wayo. Ekuqaleni kwale nyanga, ithimba elifanayo le-Google kanye ne-iVerify lenze umphakathi walo omunye umshini wokuhlasela osezingeni eliphezulu owaziwa ngokuthi ICorunaikwazi ukulimaza ama-iPhone kusukela ku-iOS 13 kuya ku-iOS 17.2.1 kuya ku-23 vulnerability. Womabili amaphakheji okuxhaphaza avele kungqalasizinda efanayo yesevaLokhu kukhomba emthonjeni ofanayo noma, okungenani, ekubambisaneni phakathi kwabalingisi abaningana.
Ingxenye yale mishini kukholakala ukuthi yavela emakethe yokuxhaphaza esezingeni likahulumeni. Uphenyo lwangaphambilini lucaphuna icala lowayeyilungu lesigaba seTrenchant, owayengowenkontileka yezokuvikela u-L3Harris, owavuma ukuthi wayenayo wathengisa uchungechunge lobuthakathaka kumlamuleli waseRussia okwaziwa ngokuthi yi-Operation Zero. Kusukela lapho, uchungechunge lokuxhashazwa lwaluzosuka ezandleni zombuso luye emaqenjini obugebengu angacophelelanga kangako.
Endabeni ye-DarkSword, i-Google ithi ibone ukusetshenziswa kwayo ngo- abahlinzeki bokuqapha kwezentengiselwano kanye nabasolwa ngokuba ngabaphangi abaxhumene nezikhungo zobuhlakani zikahulumeni. Omunye wemikhankaso uhilela ngqo i-PARS Defense, inkampani yokuqapha kwezentengiselwano yaseTurkey, ekuhlaselweni okuqondiswe ezindaweni eTurkey naseMalaysia.
Izixhumanisi eziya eRussia nazo zikhona. Ingxenye yekhodi yasetshenziswa ku amasayithi ase-Ukraine asengoziniFuthi abacwaningi bakhuluma ngabasebenzi abaxhumene nezintshisekelo zaseRussia okusolwa ukuthi basebenzise kabusha lokhu kuxhaphaza ukuhlanganisa ubunhloli bezepolitiki kanye nenzuzo yezezimali. Imininingwane ephawuleka kakhulu ukuthi ikhodi ye-DarkSword ivele kwamanye amaseva. ngaphandle kokufiphaza kanye namazwana achazayo ngesiNgisiLokhu kwenza kube lula ngabanye abenzi bobubi ukuyikopisha, ukuyivumelanisa nezimo, nokuqalisa imikhankaso emisha.
Ukukhishwa kwe-Coruna kanye ne-DarkSword cishe ngasikhathi sinye kubonisa izinga imakethe yamathuluzi okungena e-iOS eshintsha ngalo. Lokho okwakuyi-"sniper wearms" okwakugcinelwe imisebenzi eqondiwe ngokumelene nezinhloso ezithile manje sekuguquka kube yi-" inqwaba yokusetshenziswa okukhulu, ngokufinyelela okungenzeka okudlulela ngale kwemibuthano yezombusazwe noma yezempi.
Yiluphi ulwazi olungabiwa yi-DarkSword ku-iPhone?
Imibiko yobuchwepheshe iyavuma ukuthi i-DarkSword inamandla okukhipha idatha ebucayi ebanzi kakhulu. Uma ukungena sekuqediwe, amamojula angemva kokusetshenziswa angafinyelela amaphasiwedi agciniwe, amathokheni okuqinisekisa, kanye neziqinisekiso zesevisi yamafuLokhu kufaka phakathi ama-akhawunti e-imeyili, izinkundla zokuxhumana, kanye nokufinyelela izinsizakalo zezezimali.
Emkhakheni wezokuxhumana, ikhithi ilungiselelwe ukuqoqa imiyalezo namalogi avela ku-iMessage, WhatsApp, kanye ne-Telegramkanye nezinye izinhlelo zokusebenza zemiyalezo ezithembele kudathabheyisi efanayo yangaphakathi. Lokhu kuvumela ukwakhiwa kabusha kwezingxoxo zangaphambilini, ukuthola izinombolo zocingo kanye nemethadatha mayelana nokuthi kukhulunywa nobani nokuthi kangaki.
I-DarkSword iphinde ihlose izici zomuntu siqu zedivayisi: izithombe, amavidiyo, umlando wokuphequlula, amanothi, ikhalenda, kanye nedatha yohlelo lokusebenza lwezempiloLokhu akuyona nje inkinga yobumfihlo engaqondakali; ezimweni eziningi, le datha ivumela ukuqoshwa kwezinqubo zansuku zonke, imikhuba, indawo eseduze, ngisho nolwazi mayelana nesimo sempilo, into ebucayi kakhulu ngaphansi kwemithetho eqinile yokuvikela idatha yaseYurophu.
Inhloso ebaluleke kakhulu ama-wallet e-cryptocurrency kanye nezinye izimpahla zedijithaliI-malware ihlose ngqo iziqinisekiso nezihluthulelo ezihambisana nama-wallet, amapulatifomu okushintshana, kanye nezinhlelo zokusebenza zezimali. Abacwaningi babhale phansi imikhankaso lapho abaqhubi be-DarkSword basebenzisa khona amawebhusayithi e-cryptocurrency akhohlisayo ukuze basize ukwebiwa kwemali, ngaleyo ndlela behlanganisa ubunhloli kanye nobugebengu bezezimali.
Konke lokhu kwenziwa ngesikhathi esifushane. Idizayini "engenamafayela" yenza kube lula ukuhlaselwa okusheshayo, lapho i-spyware iqoqa khona ulwazi oluningi ngangokunokwenzeka ngemizuzu embalwa yokuqala ngemva kokutheleleka bese... uhlanza ingxenye enkulu yezinyathelo zakheLokhu kunciphisa amathuba okuthi umsebenzisi uzobona noma yini engavamile mayelana nokuziphatha kwefoni.
Izindlela zokuzivikela: izibuyekezo, imodi yokuzihlukanisa, kanye nemikhuba emihle kakhulu
Uma ubhekene nokuxhashazwa okukhulu kangaka, umugqa oyinhloko wokuzivikela, noma ngabe uzwakala ulula kangakanani, Gcina i-iPhone yakho ibuyekeziweI-Apple ibilokhu ilungisa ubuthakathaka obuyisisekelo emizuliswaneni eminingana: okokuqala ngezibuyekezo ezithile zokuphepha ze-iOS 18, bese kuba ngama-patches afana ne-iOS 18.7.2, futhi ekugcineni, ivala izikhala ochungechungeni lwakamuva lwe-iOS 26.
Empeleni, isincomo sanoma yimuphi umsebenzisi eSpain noma kulo lonke elaseYurophu ukufinyelela Amasethingi> Okuvamile> Ukuvuselelwa kweSoftware futhi uqinisekise ukuthi idivayisi isebenzisa inguqulo yakamuva etholakalayo yemodeli yayo. Uma i-iPhone ingabuyekezwa ibe yi-iOS 26, kungcono ukwenza kanjalo ngokushesha okukhulu. Kumadivayisi asasebenzisa i-iOS 18, kubalulekile ukufaka wonke ama-patches okuphepha akhishwe yi-Apple.
Esinye isendlalelo sokuzivikela esifanele yi- Imodi YokukhiyaLe ndlela, eyaqale yaklanywa kubasebenzisi abasengozini enkulu—izintatheli, izishoshovu, izikhulu zomphakathi—ibonakale isebenza kahle ekuvimbeleni noma okungenani ekuvimbeleni kakhulu amanethiwekhi okuxhaphaza njengalawo asetshenziswa yi-DarkSword ne-Coruna. Eqinisweni, amanye ala makhithi akhetha ukuyeka ukungena uma ethola ukuthi idivayisi ikule ndlela, ukuze agweme ukushiya noma yimuphi umkhondo ongenza kube lula uphenyo.
Ngaphandle kwezibuyekezo nezici ezithuthukisiwe, kunezindlela eziningi ezinhle ezisasebenza. Nakuba kulo mkhankaso othize Asikho isidingo sokuchofoza izixhumanisi ezingajwayelekile Ukuze ugweme ukutheleleka, kuyalulekwa ukunciphisa ukuvezwa ngokuvakashela amawebhusayithi athembekile kuphela, ukugwema amanethiwekhi omphakathi e-Wi-Fi angabethelwe, kanye nokubuyekeza njalo izilungiselelo zobumfihlo nokuphepha kwesistimu.
Kubasebenzisi abaphatha idatha eningi ebucayi noma izimpahla zedijithali, kungaba nengqondo ukuthembela ku- amathuluzi okuqapha akhethekile njengalezo ezinikezwa izinkampani emkhakheni wezokuphepha kweselula. Aziyona ikhambi lomlingo—ikakhulukazi ngokuhlasela okunjalo okuyimfihlo—kodwa zingasiza ekutholeni ukuziphatha okungavamile noma ukucushwa okubuthakathaka.
Ikesi le-DarkSword liphinde laba yisikhumbuzo kubanikazi abaningi be-iPhone eYurophu ukuthi ukuphepha okungenamkhawulo akulona iphutha. I-iOS isalokhu ingenye yamapulatifomu eselula aqine kakhulu, kodwa izinsongo ezingeni likahulumeni kanye nezimakethe zokuxhaphaza ezisebenzisa isabelomali esiphezulu Bafinyelela ezingeni lobuchwepheshe elidinga ukuqaphela okukhulu futhi bathatha izibuyekezo zokuphepha ngokungathi sÃna kakhulu.
