DarkSword, a web-based hacking tool that can be used to steal data from millions of iPhones, has just been created. published on GitHub for public use. Cybersecurity experts say Russian hacking groups are actively using DarkSword “to completely compromise devices.”
Now that the exploit is public, any cybercriminal can quickly copy and paste the DarkSword code, take a few minutes to set it up in their web host, and release the spy.
Last week, reports about a new hacker tool called DarkSword caused great concern in the security world that Apple was forcefully eject a quick response that explains how the company is dealing with the threat. The reports came from Google’s Threat Intelligence Group and two cybersecurity companies, iVerify and Lookout.
Want to be the first to hear about our latest tech coverage? Subscribe to Mashable’s Top News and Deals Books today.
What is DarkSword?
DarkSword is an exploit that allows hackers to steal data from vulnerable iPhones running outdated versions of iOS.
DarkSword is for cybersecurity professionals because it does not require the hacker’s target to download any malware or corrupted files. Hackers can simply download DarkSword HTML and Javascript and upload it to a compromised website. If a user with an older version of iOS visits a compromised site, their device becomes vulnerable. The hacker can then steal data such as passcodes, emails, private messages, and more from the victim’s iPhone.
Mashable Light Speed
As the Lookout reported last week:
In a concrete example of how the attack unfolds, Lookout Threat Labs discovered DarkSword, a full iOS exploit chain and payload for iPhones running iOS versions between iOS 18.4 and 18.6.2…DarkSword aims to extract a wide set of personal information including credentials from the device and specifically targets a number of threatening crypto wallet applications. Notably, DarkSword appears to take a ‘hit and run’ approach by collecting and extracting targeted data from a device over several seconds or minutes followed by cleaning.
Google Cybersecurity researchers reported that the notorious hacker group UNC6353, which is suspected of having ties to the Russian government, previously deployed DarkSword on vulnerable Ukrainian government agency sites to target iPhone users in Ukraine.
Verify was told TechCrunch that the DarkSword exploit now in the wild is slightly different but “shares the same infrastructure.” According to iVerify, no iOS experience is required to use the exploit and it will work “out of the box.”
This Tweet is currently unavailable. Either it is loading or it has already been downloaded.
As TechCrunch also reported, another user of the X shared that they were able to hack their 6th generation iPad running iOS 18.6.2 with the DarkSword exploit that was recently released into the wild.
Apple before report on its developer website that about 25 percent of all iPhones are still running iOS 18, which means hundreds of millions of iOS devices are vulnerable to this exploit. The current iOS version is iOS 26.3.1.
How to protect your Apple devices from DarkSword
The Google Threat Intelligence Group has urged iOS users to update their devices to the latest version of iOS, and if that’s not possible, turn on the iPhone’s Lockdown Mode.
Apple again said that it released a critical security update on March 11 for older iOS devices that cannot install the latest iOS to protect these devices from DarkSword. Users with devices running iOS 13 or iOS 14 need to upgrade to iOS 15 to get these important protections.
