PSA: Hackers can raid iOS 18 with an infected link: iOS Security
A potent new hacking tool, "DarkSword," has been found targeting iPhones running iOS 18.4-18.6.2, enabling suspected Russian hackers to steal extensive personal data via malicious links. Discovered by Google, Lookout, and iVerify, the exploit could impact 270 million devices. Apple has patched the vulnerabilities, urging users to update immediately.

A potent new hacking tool dubbed “DarkSword” has been discovered, capable of siphoning vast amounts of personal data from iPhones running specific versions of iOS 18. Security researchers found that this sophisticated exploit, already deployed by suspected Russian state-sponsored hackers, targets users who visit malicious links, underscoring the critical need for immediate software updates for millions of devices.
The exploit primarily affects iPhones operating on iOS versions 18.4 to 18.6.2. When a user clicks on a compromised website, DarkSword leverages what Google describes as "six different vulnerabilities" within Safari to initiate an attack. This "hit-and-run" methodology allows attackers to rapidly extract high-value information and vanish before traditional security measures can respond.
Among the sensitive data that can be collected are text messages, contacts, saved credentials, iCloud files, personal photos, cryptocurrency wallet details, call logs, and even location history. The broad scope of data compromised makes DarkSword a particularly alarming threat. Up to 270 million devices still running these impacted versions of iOS 18 could potentially be at risk, highlighting the widespread implications of the discovery.
The Discovery and Scope of DarkSword
The Google Threat Intelligence Group, in collaboration with cybersecurity firms Lookout and iVerify, spearheaded the analysis of the DarkSword attack. Their findings, first reported by Wired, shed light on the sophisticated nature of the exploit and its potential reach. The researchers noted that the Russian-linked hackers left the DarkSword code "unobfuscated, unprotected and easily accessible," raising concerns that other malicious actors could easily repurpose and redeploy it.
Suspected Russian state-sponsored hackers have been identified as the primary users of DarkSword, targeting individuals in Ukraine, Saudi Arabia, Malaysia, and Turkey. These same hacking groups were also observed utilizing another iOS exploit kit named Coruna, which Google highlighted in a separate report earlier this month, indicating a concerted effort to compromise Apple devices.
Apple's Swift Response and User Protections
Google reported the underlying vulnerabilities to Apple in late 2025. In response, Apple spokesperson Sarah O’Rourke confirmed in a statement to The Verge that Apple had already patched all "underlying vulnerabilities" in iOS last year. Furthermore, Apple issued an "emergency software update last week for older devices that were unable to update to more recent versions of iOS," demonstrating a proactive approach to mitigating the threat.
For users seeking heightened protection, the research indicates that DarkSword attacks do not impact iPhones operating in Lockdown Mode. This "extreme" security feature is specifically designed to safeguard journalists, activists, and politicians from highly targeted cyberattacks, offering an additional layer of defense against sophisticated exploits. Both Apple and Google have also taken steps to block the malicious links associated with DarkSword attacks in their respective Safari and Chrome browsers, preventing users from inadvertently accessing compromised sites.
Apple continues to emphasize the paramount importance of keeping devices updated. "Keeping software up to date remains the single most important thing users can do to maintain the high security of their Apple devices as these updates include the latest security fixes and protections," O’Rourke reiterated. This advice is particularly pertinent given the ongoing evolution of cyber threats like DarkSword.
Lingering Threats and Future Vigilance
The revelation of DarkSword serves as a stark reminder of the persistent and evolving threat landscape facing mobile users. While Apple has moved swiftly to patch the vulnerabilities, the exploit's ease of access for other bad actors, coupled with millions of potentially un-updated devices, means the threat could linger for those who delay essential software updates. Vigilance and proactive updating are critical to safeguarding personal data in the face of such sophisticated cyberattacks.
FAQ
Q: What is DarkSword and how does it affect iPhones?
A: DarkSword is a newly discovered hacking tool that targets iPhones running specific versions of iOS 18 (18.4 to 18.6.2). It exploits multiple vulnerabilities in Safari to steal extensive personal data—including text messages, contacts, photos, crypto wallet details, and location history—from devices that visit malicious links.
Q: How can I protect my iPhone from exploits like DarkSword?
A: The most crucial step is to keep your iOS software updated to the latest version, as these updates contain vital security fixes and protections. Additionally, Apple's "Lockdown Mode" offers an extreme layer of security for high-risk users, and both Apple and Google have blocked the malicious links used in DarkSword attacks in their browsers.
Q: Have the vulnerabilities exploited by DarkSword been fixed?
A: Yes, Apple confirmed that it patched all underlying vulnerabilities in iOS last year. An emergency software update was also issued last week for older devices that could not update to more recent iOS versions. However, iPhones still running the vulnerable iOS 18.4 to 18.6.2 versions without these patches remain at risk.
Related articles
Pentagon Halts 155 Wind Projects in 24 States Over Drone Fears
The Pentagon has frozen permitting for 155 wind projects across 24 states for nearly a year, citing concerns that drones can hide within wind farms. This impacts 44 gigawatts of capacity and has cost developers $2 billion. The wind industry claims the freeze is politically motivated and has filed a lawsuit.
in-depth: Chewy Promo Codes: $20 Off July 2026: coupons — Key Details
Pet owners can find substantial savings at Chewy in July 2026. New customers get $20 off first orders (code WELCOME) and free shipping. Existing users benefit from exclusive deals, Autoship discounts, and a Chewy+ membership for ongoing perks and rewards.
Kalshi says it caught Trump’s teleprompter operator insider trading
Prediction market platform Kalshi has accused Donald Trump's teleprompter operator, Gabriel Perez, of insider trading, alleging he used advance knowledge of Trump's speeches to win over $100,000. Kalshi flagged the activity and referred it to the CFTC. While federal prosecutors declined a criminal case, a settlement is being discussed.
Starlink Deorbiting Reports: No Need to Worry (Yet)
Starlink's recent deorbiting of 260 satellites is a routine, engineered safety measure, not a crisis. SpaceX employs proactive, controlled re-entry methods to manage its constellation and mitigate space debris, though environmental impacts are still being studied.
AI-powered travel agency Fora hits unicorn status, raises $60M
Fora, the innovative AI-powered travel agency, has officially joined the ranks of billion-dollar companies, announcing a $60 million Series D funding round that solidifies its unicorn status. The capital injection, led
in-depth: 11 Best Sleeping Bags (2026): Ultralight, Warm Weather, for
A comprehensive guide to the best sleeping bags for 2026 has been released, featuring expert-tested options for every outdoor adventure. From ultralight designs to comfy car camping bags and kid-specific models, this updated selection helps adventurers find their perfect sleep system for warmth and comfort.






