Google and cybersecurity companies Lookout and iVerify have detailed a new hacking technique that potentially puts a significant portion of iPhone users in danger, just by visiting the wrong web page. The hack is called “DarkSword” and it targets iOS 18 releases between iOS 18.4 and iOS 18.6.2
For its part, an Apple spokesperson told Engadget that the company had patched the underlying vulnerabilities in iOS versions 15 through 26 last year; the company also issued an emergency update for devices running iOS 15 and 16 that are unable to run newer versions of iOS. The company does note that users running iOS 13 or iOS 14 would need to update to at least iOS 15 to be protected; those operating systems were released in 2019 and 2020, respectively.
In response to this threat, Apple has also published details on what users can do to make sure they’re fully protected, which are essentially the same as what the company shared with Engadget. Even if you’re not running iOS 26, updates are and have been available to protect users from this particular threat. Apple also notes that the URLs detected and published in Google’s security blog are blocked by its Safe Browsing features in Safari.
DarkSword is a “fileless” hack that leverages a collection of exploits to access sensitive data when an iPhone visits an infected website. Rather than install spyware that hangs around on a user’s phone after messages and other private information are stolen, fileless hacks like DarkSword take control of “the legitimate processes in an iPhone’s operating system to steal data,” according to Wired. Even more troubling, DarkSword deletes any evidence it was running on an iPhone after it finishes stealing your information.
