iPhone Users Beware: “DarkSword” Hack Can Steal Data Just by Visiting a Website
If you are using an iPhone, there’s a new security concern you shouldn’t ignore. A hacking method called “DarkSword” has been identified by Google and cybersecurity firms Lookout and iVerify, which can target devices simply through a web page. This means that visiting a malicious website could expose your personal data.
The issue primarily affects iPhones running certain iOS 18 versions. While updates are available, many users may still be at risk if their devices are not fully updated or protected.
How Does the DarkSword Hack Affect iPhone Users?
DarkSword is a fileless hack, meaning it does not install traditional spyware on your device. Instead, it exploits existing system processes to access sensitive information.
The attack begins when an iPhone opens a malicious iframe hidden on a web page. From there, it can collect passwords, messages, iCloud data, and even cryptocurrency wallet details.
What makes DarkSword particularly concerning is that it removes all traces after completing the attack, making detection extremely difficult.
Reports indicate that DarkSword has already been used in countries such as Ukraine, Saudi Arabia, Malaysia, Turkey, and Russia, and could potentially reach India. Its threat grew after the source code leaked online, making it accessible to a broader range of hackers.
What Has Apple Done & How Can You Stay Protected?
Apple has confirmed that vulnerabilities exploited by DarkSword were patched in updates released last year for iOS versions 15 through 26. Emergency updates were also provided for devices running iOS 15 and 16. Users on iOS 13 or 14 must upgrade to at least iOS 15 to stay protected.
Additionally, Safari’s Safe Browsing feature blocks harmful URLs linked to this attack. While DarkSword primarily targets iOS 18 versions between 18.4 and 18.6.2, Apple released iOS 18.7 and iOS 26 with fixes. With around 24% of devices still on iOS 18, keeping your software updated is crucial. (Agency)
