A newly discovered hacking tool is raising serious concerns among cybersecurity researchers, as it has the potential to compromise hundreds of millions of iPhones worldwide. The tool has been found actively circulating online and being used in real-world attacks, marking a shift from highly targeted exploits to broader threats that could impact everyday users.

Researchers found that the tool takes advantage of vulnerabilities in iPhones running certain versions of iOS, particularly iOS 18. Because a large number of users have not updated their devices, experts estimate that hundreds of millions of iPhones could be exposed to this type of attack.

One of the most concerning aspects of the tool is how easily it can infect a device. In many cases, users do not need to download anything or click on suspicious files. Simply visiting a compromised website can be enough to trigger the exploit, allowing attackers to gain access to the phone without the user realizing it.

Once a device is compromised, attackers can access a wide range of sensitive information. This includes text messages, contacts, personal files, and even data from cryptocurrency wallets and health apps. The tool uses a fileless method, meaning it does not leave behind traditional malware files, making it much harder to detect with standard security measures.

Another key detail is that the attack does not remain permanently on the device. It disappears after a reboot, which can make it more difficult to trace. However, the tool is designed to extract valuable data quickly, meaning damage can occur within minutes before it vanishes.

Security experts say the tool has already been used in multiple international campaigns, including operations linked to state-sponsored groups. These attacks have been observed in countries such as Ukraine, Turkey, Saudi Arabia, and Malaysia, indicating that the threat is not limited to one region.

The tool has also been found circulating online with documentation explaining how to use it. This accessibility raises concerns that more attackers could adopt similar methods, increasing the likelihood of widespread cyberattacks as advanced tools become easier to obtain.

Researchers have also identified connections between this tool and other known hacking frameworks, suggesting it may be part of a larger ecosystem of advanced cyber tools that are developed and shared among different groups. This increases concern about how quickly such tools can spread and evolve.

In response, Apple has released security updates designed to fix the vulnerabilities being exploited. However, experts stress that these updates are only effective if users install them promptly. Devices running outdated software remain vulnerable.

The emergence of this tool is being compared to past cybersecurity incidents where powerful exploits were leaked and later used in large-scale attacks. Experts say this situation highlights the growing challenge of protecting devices in an environment where advanced hacking tools can spread quickly and be used by a wide range of actors.

Source: Wired