If you are using an iPhone, there is a new security concern you should not ignore. A hacking method called “DarkSword” has been identified by Google and cybersecurity firms Lookout and iVerify, and it can target devices simply through a web page. This means just visiting the wrong site could expose your personal data.
The issue mainly affects iPhones running specific iOS 18 versions. While updates are available, many users may still be at risk if their devices are not fully updated or protected.
How Does The DarkSword Hack Affect iPhone Users?
DarkSword is a fileless hack that does not install traditional spyware on your device. Instead, it uses existing system processes to access sensitive information.
The attack begins when an iPhone opens a malicious iframe hidden inside a web page. From there, it can collect data such as passwords, messages, iCloud content, and even cryptocurrency wallet details.
What makes this hack more concerning is that it removes all traces after completing the attack. This makes detection difficult for users.
Reports suggest that DarkSword has already been used in countries like Ukraine, Saudi Arabia, Malaysia, Turkey, and Russia, and can enter India at any moment. It became more widely available after its source code was leaked online, allowing broader access to the tool.
What Has Apple Done & How Can You Stay Protected?
Apple has said that the vulnerabilities linked to DarkSword were already patched in updates released last year across iOS 15 to iOS 26.
Emergency updates were also provided for devices running iOS 15 and 16. However, users on iOS 13 or iOS 14 must upgrade to at least iOS 15 to stay protected. The company also confirmed that Safari’s Safe Browsing feature blocks harmful URLs linked to this attack.
While DarkSword mainly targets iOS 18 versions between iOS 18.4 and iOS 18.6.2, Apple released iOS 18.7 and iOS 26 with fixes. Around 24% of devices still use iOS 18, so keeping your software updated remains essential.
