GoKawiilIf you're an iPhone owner, this is what you need to know about the DarkSword hacks. Cybersecurity researchers from the Google Threat Intelligence Group and two cybersecurity firms, Lookout and iVerify, have identified a new hacking toolkit that makes data of iPhone owners vulnerable. The toolkit, called DarkSword, is different from other forms of spyware and malware.
DarkSword doesn't use phishing texts or emails, nor does it require you to download suspicious apps to let hackers into your device. It operates through infected websites, the report says, including ones made to look like Snapchat and government contractor sites. After you've browsed those sites, the spyware can be activated, and your information is at risk.
So far, the attacks have been limited to people outside the US, specifically in Saudi Arabia, Turkey, Malaysia and Ukraine, according to Google. But as spotted by TechCrunch this week, the spyware has been made publicly available on GitHub, which means it will be much easier for any number of bad actors to deploy it.
DarkSword is "highly sophisticated," Lookout said in the report. The toolkit works by establishing "privileged code execution to access sensitive information and exfiltrate it off the device." DarkSword isn't designed for ongoing surveillance but can access a variety of data, including your messages, iCloud content and even crypto wallets.
Google said it was being used by "multiple commercial surveillance vendors and suspected state-sponsored actors." In a support page published March 19, Apple said: "We thoroughly investigated these issues as they were found and released software updates as quickly as possible for the most recent operating system versions to address vulnerabilities and disrupt such attacks."
Google said in the report that it reached out to Apple in late 2025 with its findings. Researchers found that vulnerable phones were running versions of last year's software, including iOS 18.4 through 18.7. That isn't every phone, but as Apple's own data confirms, about one-fifth of iPhone owners are still running iOS 18, leaving potentially millions of people vulnerable.
DarkSword spyware reports are scary, but basic iOS software hygiene can go a long way to keep your data safe. Here's what iPhone owners need to do now to stay safe.
Keep your iPhone software updated
While Apple has applied fixes behind the scenes, you still need to take action to ensure your iPhone is safe. There's an easy but necessary step to keep your phone secure from external threats: Update your iOS software.
"I always recommend people update their iPhone to the latest iOS software as soon as they can," CNE expert Zachary McAuliffe said. "Updates usually include new features, but more importantly, they often patch security issues. Delaying an update means malicious actors could exploit a vulnerability on your iPhone, putting your personal data and system security at risk."
... continue reading