Apple has issued an urgent security alert, strongly advising iPhone users to update their iOS operating system immediately. This warning follows the discovery of a new, highly sophisticated spyware tool called DarkSword, which hackers are using to take over devices and steal sensitive data.
DarkSword: A Highly Sophisticated Threat
Cybersecurity researchers from Lookout, iVerify, and Alphabet's Google have identified DarkSword as a powerful software exploit capable of compromising iPhones running older versions of iOS. This malware is designed to secretly infiltrate mobile devices, stealing a wide range of information, including emails, usernames, passwords, photos, and even cryptocurrency wallets. Researchers describe DarkSword as a professionally designed platform, highlighting its advanced capabilities and the significant risk it poses to user privacy and security.
Vulnerable Devices and Global Impact
The spyware specifically targets iPhones running iOS versions released between March and August 2025, specifically versions 18.4 to 18.6.2. According to estimates, approximately 220 to 270 million iPhones worldwide are still operating on these older iOS versions, making them vulnerable to attack. Analysis reveals that the hacking tools have been focused on several key groups, including Ukrainians targeted by Russian intelligence, Chinese cryptocurrency users, and individuals in Saudi Arabia, Turkey, and Malaysia.
This discovery comes shortly after Google and iVerify revealed details of another powerful iPhone spyware tool called Coruna, which was linked to Russian intelligence groups and Chinese cybercriminals. DarkSword was found on the same servers used by suspected Russian operators of Coruna, indicating a connection between these malicious campaigns. Researchers warn that these tools signify a flourishing market for malware, with increasing accessibility for devastating mobile attacks.
Apple's Response and User Recommendations
In response to the threat, Apple spokesperson Sarah O'Rourke emphasized that both DarkSword and Coruna only affect devices running outdated iOS versions. She reinforced the critical importance of regular software updates, stating, "Keeping software up to date remains the single most important thing users can do to maintain the high security of their Apple devices." Apple's latest operating system, iOS 26, released in September, provides protection against these hacking campaigns.
Additionally, Apple took the unusual step last week of releasing a special update for iPhone users with older devices that cannot handle a full upgrade to iOS 26. This targeted update is specifically designed to block hackers from exploiting the vulnerabilities associated with DarkSword and similar tools.
Expert Insights and Broader Implications
John Scott-Railton, a senior researcher at Citizen Lab, a University of Toronto-sponsored cybersecurity lab, commented on the growing threat landscape. He told NBC News, "The barrier to entry for widespread, devastating mobile attacks has been decisively lowered... it's clear this problem is only going to grow." He added a sobering note for everyday users, "The scary takeaway for regular users is they can't spot this attack," underscoring the stealthy nature of such spyware and the necessity of proactive security measures.
This incident highlights the escalating challenges in mobile cybersecurity, with state-sponsored actors and cybercriminals leveraging advanced tools to compromise personal data. Users are urged to heed Apple's advice, update their devices promptly, and remain vigilant about software maintenance to safeguard against evolving digital threats.
