Google and cybersecurity companies Lookout and iVerify have detailed a new hacking technique that potentially puts a significant portion of iPhone users at risk simply by visiting the wrong web page. The hack is called “Darksword” and since it specifically targets several different versions of iOS 18, it could affect “about a quarter of iPhones.” wired Writes.
DarkSword is a “fileless” hack that takes advantage of a collection of exploits to access sensitive data when an iPhone visits an infected website. Instead of installing spyware on a user’s phone after messages and other private information is stolen, fileless hacks like DarkSword take over “legitimate processes in the iPhone’s operating system to steal data.” wired. What’s even more disturbing is that DarkSword deletes any evidence of it running on the iPhone after it steals your information.
The hack begins as soon as an iOS device encounters a “malicious iframe embedded in a web page,” after which it works its way through your iPhone, collecting sensitive information like passwords before deleting itself. Lookout says DarkSword can get away with things like messages and iCloud content, but it’s also specifically designed to access cryptocurrency wallets, which could indicate who was using DarkSword before it became widely available.
DarkSword has reportedly been used in Ukraine, Saudi Arabia, Malaysia, Turkey, and Russia, and its origins may be linked to a different hacking toolkit called Koruna. techcrunch The report may have been created for the US government by a company called Trenchant. Regardless of where DarkSword came from, the tool did not become widely available until its Russian users left DarkSword’s source code on a website for anyone to access, “with explanatory comments in English that describe each component and include the name ‘DarkSword’ for the tool,” wired Writes.
Apple patched the exploits used by DarkSword and Koruna in the recent update to iOS 26, which is the annual software release after iOS 18 through 2025. The problem is that not everyone is using the latest updates from Apple. Darksword targets the iOS 18 release between iOS 18.4 and iOS 18.6.2, and according to Apple’s latest iOS usage statistics for developers, about 24 percent of iOS devices are still on iOS 18. Without more details, it’s hard to know how many people are exposed, but as a rule, if your iOS device can update to a newer software release, you should do so as soon as possible to be safe.
<a href