Post Content DarkSword supports iPhones running on iOS 18.4 to iOS 18.7, (Image Source: Google Gemini/AI)
The iPhone is often regarded as one of the most secure smartphones today, but like Android devices, it has repeatedly been targeted by hackers exploiting vulnerabilities.
Last week, a cybersecurity researcher unearthed a hacking campaign that targeted iPhone users using a tool called DarkSword. As it turns out, someone has now uploaded a new version of DarkSword to the popular code-sharing website GitHub.
What is DarkSword?
Discovered by the Google Threat Intelligence Group (GTIG) last week, DarkSword is an iOS “full-chain exploit that leveraged multiple zero-day vulnerabilities to fully compromise devices.”
The tech giant’s threat intelligence group says several commercial surveillance vendors and some state actors have already been using DarkSword in various campaigns targeting iPhone users in Saudi Arabia, Turkey, Malaysia and Ukraine.
DarkSword supports iOS 18.4 to iOS 18.7 and uses a total of six different vulnerabilities and three different malware families – GHOSTBLADE< GHOSTKNIFE, and GHOSTSABER.
GTIG also said that all security exploits used by DarkSword were patched in the iOS 26.3 update, which means iPhones updated to the latest version of the operating system are not vulnerable to the campaign.
While the majority of iPhones have received the iOS 26 update, several models like the iPhone X and older ones are stuck on iOS 18. This means that the exploit can still be used to compromise these devices.
Story continues below this ad
Millions of iPhone users are at risk
Apple’s iOS 26 brings one of the biggest changes to the iPhone’s user interface in years, but not everyone is a fan. While most supported devices may have already updated to the latest version of iOS, there are still people who haven’t updated their iPhones’ software.
According to researchers, with DarkSword now available on GitHub, anyone will be able to use the tools to target iPhone users running on older versions of iOS. The exploit reportedly affects hundreds of millions of iPhones and iPads.
“This is bad. They are way too easy to repurpose. I don’t think that can be contained anymore. So we need to expect criminals and others to start deploying this,” Matthias Frielingsdorf, the co-founder of mobile security startup iVerify, told in a statement ot TechCrunch.
He added that the new version of DarkSword shared on GitHub has the same infrastructure that iVerify had analysed previously, but the files are a bit different. Frielingsdorf said that since the files uploaded to the code-sharing platform are plain HTML and JavaScript, anyone can copy and paste the code and host it on a server in a few minutes.
Story continues below this ad
He added that the “exploits will work out of the box. This is no iOS expertise required.” Right now, the surefire way to protect your iPhone against DarkSword is by updating your iPhone to the latest version of iOS 26.
© IE Online Media Services Pvt Ltd
