Have you heard about the hack that could infect millions of smartphones worldwide? DarkSword targets iPhones running specific versions of Apple’s software and it could be quietly stealing your data.
What is DarkSword?
DarkSword is a new hacking toolkit that exploits a weakness affecting iPhones in particular. Specifically, it uses a series of vulnerabilities – six in total – to break into systems and steal all sorts of personal data.
That could include your signed-in accounts, wifi passwords, messaging data, cryptocurrency wallet credentials, email, screenshots and calendars. The list goes on.
The concerning thing is you may never realise you were affected by it. Not only is the attack quick, taking minutes to gather data, but it is clean. DarkSword doesn’t need the victim to click on a link or tap on an image to start running.
READ MORE
The difficult choices that could dramatically increase housing supply in Dublin
Instead, it can lurk in infected elements of websites, waiting for a victim. When a vulnerable system visits the site, it starts running in the background and gathering personal data without the visitor clicking on a thing.
Once it gathers that data and sends it back to the attackers, the malware deletes itself, leaving no trace of its presence.
When was it detected?
According to Google’s Threat Intelligence Group blog post, researchers detected various malicious actors using the toolkit late last year, with entities in Ukraine, Saudi Arabia, Turkey and Malaysia all targeted.
Security researchers from iVerify also confirmed the malicious activity. It was reported to Apple in late 2025.
Who is at risk?
DarkSword primarily affects iPhones running iOS 18.4 to iOS 18.7. If you are behind on your updates or your iPhone is no longer supported by the latest version of Apple’s software, you could be vulnerable, especially if you haven’t installed any security updates lately.
According to Apple’s developer site, 24 per cent of iPhones currently run iOS 18 in some form and 10 per cent are stuck on an earlier version. That adds up to millions of devices globally.
I am on the latest version of iOS. Am I still at risk?
According to Google’s blog post, all vulnerabilities for DarkSword were patched with the release of iOS 26.3. But attacks were seen as far back as November last year and Apple had already patched many of the flaws before the newest software update.
If you have been keeping up to date with Apple’s schedule, your device should be protected from this threat at least.
What should I do to protect myself?
The best way to keep your devices safe is to keep on track with updates to your smartphone’s software. Many people enable automatic updates, allowing them to be downloaded to a device as soon as Apple releases the software.
If you aren’t on the latest software, update your device to the newest version immediately – currently iOS 26.3.1, unless you are enrolled in Apple’s beta programme which has early access to iOS 26.4. That will ensure the vulnerabilities that DarkSword exploits are no longer a problem.
My device is too old to run iOS 26. What should I do?
In the case of devices that are not compatible with the latest version of iOS – anything older than an iPhone 11 – experts recommend enabling lockdown mode to beef up security.
This is an extreme protection mode intended for people who could be vulnerable to sophisticated attacks, such as politicians, business executives, lawyers and people working for NGOs, as well as journalists.
Most people will never be at this level of risk, but lockdown mode might be a useful tool for preventing DarkSword. It locks your phone down by limiting some of its functions that could be exploited to attack your device with sophisticated malware.
That includes blocking many message attachments and link previews, limiting web browsing to exclude more complex web technologies. Exclusions will be placed on incoming FaceTime calls from people you have not contacted in the previous 30 days. Location data will also be removed from photos when they are shared, while wifi connections will be limited if the system considers them insecure.
Incoming phone calls and standard text messages on your phone will not be affected by lockdown mode, nor will emergency features such as SOS emergency calls.
Lockdown mode was introduced in iOS 16, with additional protections added in iOS 17. You can enable it by going to Settings, followed by Privacy, Security and scrolling to Lockdown Mode.
Even if your device no longer gets iOS updates, Apple has issued a number of security updates for older smartphones in recent days. You should ensure all these updates are installed to protect your iPhone.
