Google, iVerify, and Lookout researchers discover DarkSword, a hacking tool used by Russia-sponsored and other hackers to target iOS 18 via Ukrainian websites
A powerful iPhone-hacking technique known as DarkSword has been discovered in use by Russian hackers.
Wired Andy Greenberg
Related Coverage
- The Proliferation of DarkSword: iOS Exploit Chain Adopted by Multiple Threat Actors Google Cloud Blog
- Inside DarkSword: New iOS Exploit Kit Delivered Via a Compromised Legitimate Ukrainian Government Site iVerify
- Attackers Wielding DarkSword Threaten iOS Users Lookout
- Apple iOS 18 vulnerability chain exposes new attack pathway, researchers say The Hindu · John Xavier
- Second iOS exploit kit now in use by suspected Russian hackers CyberScoop · Tim Starks
- Hackers target millions of iPhones with new DarkSword spyware Mashable · Matt Binder
- Russians caught stealing personal data from Ukrainians with new advanced iPhone hacking tools TechCrunch · Lorenzo Franceschi-Bicchierai
- iVerify Details DarkSword, Second Mass Attack Against iOS Disclosed in Two Weeks iVerify
- Researchers uncover iPhone spyware capable of penetrating millions of devices Reuters · A.J. Vicens
- PSA: Hackers can raid iOS 18 with an infected link The Verge · Emma Roth
- iOS 18 exploit allows hackers to steal iPhone data MobileSyrup · Bradly Shankar
- Apple warns iPhone users to update software after hacking campaigns detailed by researchers NBC News · Kevin Collier
- State snoops and spyware vendors planting info-stealing malware on iPhones, Google warns The Register · Jessica Lyons
- A new iPhone hacking tool puts anyone still on iOS 18 at risk Engadget · Ian Carlos Campbell
- More than 220 million iPhones under attack from new DarkSword exploit — how to stay safe Tom's Guide · Scott Younker
- Russia-linked hackers use advanced iPhone exploit to target Ukrainians The Record · Daryna Antoniuk
- New iPhone hacking tool puts hundreds of millions of devices at risk Cult of Mac · David Snow
- Lookout Uncovers DarkSword iOS Exploit Chain, Exposing a New Era of Mobile Threats Lookout
- “Darksword” iOS 18 exploit allows hackers to covertly steal sensitive information from iPhones XDA Developers · Patrick O'Rourke
- Still On iOS 18.4 to 18.7? iPhone Hack Called ‘DarkSword’ Can Hit Your Device PCMag · Michael Kan
- Why You Should Update Your iPhone Now to Avoid the New ‘DarkSword’ Exploit iPhone in Canada · John Quintet
- New iOS Exploit With Advanced iPhone Hacking Tools Attacking Users to Steal Personal Data Cyber Security News · Guru Baran
- New iOS exploit chain DarkSword discovered on government sites CyberInsider · Bill Mann
- Russia is using stolen U.S. made spyware to hack iPhones in Ukraine in a massive attack Neowin · Karthik Mudaliar
- New DarkSword iPhone hack ‘can steal everything’ just by visiting the wrong website Irish Independent · Adrian Weckler
- Researchers discover zero-day DarkSword exploit chain in iOS 18 SiliconANGLE · Maria Deutscher
- New “Darksword” iOS exploit used in infostealer attack on iPhones BleepingComputer · Bill Toulas
- Researchers uncover iPhone spyware capable of penetrating millions of devices MacDailyNews
- Check out our research on DarkSword, yet another iOS exploit chain that has escaped the “lawful” realm of CSV activity and is being used by threat actors for both financial gain and espionage. … Justin Albrecht
- When I co-founded Mantis, one vision was investing in startups that address esoteric yet critical digital security problems. … Alex Pall
- Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild Hacker News
- Your iPhone could be hacked just by visiting a website if you're still running iOS 18 Digital Trends · Rachit Agarwal
- Multiple Threat Actors Exploiting a Six-Vulnerability iOS Exploit Kit Dubbed “DarkSword” The Cyber Express · Mihir Bagwe
- Google Warns iOS 18.4 to 18.6.2 Users About Serious iPhone Malware The Mac Observer · Rajat Saini
Discussion
-
@ryanaraine
Ryan Naraine
on x
Two full iOS exploit kits in one month, deployed via watering holes on public websites, potentially affecting hundreds of millions of devices. Will Apple acknowledge that this no longer fits the “very small number of highly targeted individuals” narrative? [image]
-
@krzywix
Mateusz Krzywicki
on x
In collaboration with Lookout and Google (thank you 🙏) we have been working on tearing down and building detections for DarkSword - iOS exploit chain for iOS 18.4 - 18.7. Super excited for this research 🎉. Please update your iPhones. https://iverify.io/...
-
@mattjay
Matt Johansen
on x
I've been briefed on this one from the team that found it. I interviewed them yesterday and will put out a video soon. - it's an insane story between Darksword and Coruna.
-
@onejailbreak_
@onejailbreak_
on x
🗞️DarkSword, a full-chain iOS exploit using 4 zero-days, has been used in real attacks across multiple countries🥷🚀 Targets iOS 18.4-18.7, while earlier Coruna chains hit iOS 13-17.2.1. https://onejailbreak.com/... This may be useful for a jailbreak, and more! — All via Safari [im…
-
@intcyberdigest
@intcyberdigest
on x
❗️GTIG has identified an exploit chain targeting Apple iOS users called DarkSword. Victims get compromised by visiting a website. It does: ▪️ Messages, contacts, call logs ▪️ Location, browser data ▪️ Crypto wallets, WiFi pass, keychains ▪️ Take screenshots, record audio [image]
-
@zeroxjf
Johnny
on x
Wild couple weeks for the iOS jailbreak community. 2 exploit chains in 2 weeks. ICYMI, there's a new iOS 18 chain (details below). Payloads don't appear to be in the wild, (good given how many are still on iOS 18), but likely means no imminent ability to adapt for a jailbreak.
-
@_danielsinclair
Daniel Sinclair
on x
Interestingly, we haven't seen these surveillance payloads scoop up your interactions with AI apps. Some day soon, surely, as ChatGPT knows more about you than any contact on your device.
-
@pirat_nation
@pirat_nation
on x
A new iOS hacking tool called DarkSword targets iPhones running iOS 18.4 to 18.7. It uses several serious security holes to break out of Apple's protection, run harmful code, and install spyware. The spyware (named GHOSTBLADE and GHOSTKNIFE) steals cryptocurrency wallets, [image]
-
@a_greenberg
Andy Greenberg
on x
This tool has already been used in distinct hacking campaigns against Ukrainians, Malaysians, Saudi and Turkish victims. If other hackers needed any more encouragement to adopt it, too, the Russian spies who used it left it fully unobfuscated with helpful code comments legible.
-
@p3b7_
Charles Guillemet
on x
Only days after Coruna, one of the first large-scale iOS exploit kits, DarkSword is already being exploited in the wild. Coruna showed the pattern: state-grade iOS exploits don't stay in government hands. They leak, spread, and end up in broader ecosystems. One visit to a comp…
-
@agreenberg
Andy Greenberg
on bluesky
This tool has already been used in distinct hacking campaigns against Ukrainians, Malaysians, Saudi and Turkish victims. If other hackers needed any more encouragement to adopt it, too, the Russian spies who used it left it fully unobfuscated with even its developers' helpful co…
-
@couts
Andrew Couts
on bluesky
NEW: iPhones running iOS 18—there are hundreds of millions of them—are potentially vulnerable to newly discovered hacking tools, capable of stealing troves of data, that were found in use in the wild. Update to iOS 26 now to patch. @agreenberg.bsky.social reports: www.wired.com/…
-
@gregotto
Greg Otto
on bluesky
NEW: Joint research from Google, iVerify and Lookout uncovers “Darksword,” *another* suspected exploit kit built using high-end iOS exploits likely originally developed by/for the U.S. government. This is similar to Coruna, but has a much larger potential victim base cyberscoop.…
-
@fmarini@mastodon.social
Francesco Marini
on mastodon
As usual, Wired is... not great 🙄 — Regarding DarkSword, the latest objectively bad exploit affecting iOS and Safari, Google has a more in depth analysis, with a lot more informations on the specific versions of iOS that are affected. …
-
r/technology
r
on reddit
Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild | A powerful iPhone-hacking technique known as DarkSword has been discovered in use by Russian hackers. …
-
r/iPhone13Mini
r
on reddit
Critical iOS 18 vulnerability found
-
r/cybersecurity
r
on reddit
Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild
-
r/pwnhub
r
on reddit
Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild
-
r/cybersecurity
r
on reddit
Second iOS exploit kit emerges from suspected Russian hackers using possible U.S. government-developed tools