DarkSword iPhone Vulnerability Exposed Online, Major Security Threat for Hundreds of Millions
Hundreds of Millions of iPhone Users at Risk Due to New Hacking Tool
A recently discovered hacking tool known as DarkSword has put hundreds of millions of iPhone users at risk. This tool exploits six separate vulnerabilities in the Safari browser to gain full control over a device.
How Does it Work?
The DarkSword exploit chain starts when a user visits a website using the Safari browser, allowing the hackers to execute a “drive-by” attack. The hackers have also been found to use watering hole attacks, compromising trusted websites, to spread the malware.
The Scope of the Attack
The malware itself targets almost every aspect of a user’s device, including:
- Private text messages
- Call records
- Wi-Fi passwords
- Physical location
- Browser history
- Calendar entries
- Health data
- Digital crypto wallets
Once installed, the malware erases its own tracks, leaving behind little evidence of its presence.
The Risks Multiply
A working version of the DarkSword exploit chain was publicly leaked on GitHub, making it easier for malicious actors to replicate the attack. Security experts warn that such leaks often lead to rapid copycat activity, with lower-skilled actors targeting vulnerable devices at scale, increasing the likelihood of widespread opportunistic attacks against unpatched iPhones and iPads.
According to the researchers, the leak of the DarkSword exploit chain significantly reduces the barrier for malicious actors to replicate the attack.
What Can Be Done?
Apple has confirmed that the newest software, iOS 26, is safe from these attacks. Users who cannot update to the latest version are advised to turn on Lockdown Mode in their settings to provide additional protection against these threats.
About Author
English