← Back to diffwire

DarkSword spyware targets millions of iPhones via Ukrainian websites

19 articles | Updated 21h ago | Created 2d ago
Toronto, Russia APPLE
Story image

Security researcher teams from Google have identified a new espionage tool called "DarkSword," which is actively being used by suspected actors linked to the Russian government and other nation-state groups.

Key Points

  1. 1
    Apple has issued urgent warnings urging iPhone users immediately update their iOS operating systems due to active spyware attacks.
  2. 2
    Google researchers identified 'DarkSword,' a sophisticated exploit kit that combines six vulnerabilities in iOS and Safari, allowing attackers full control over devices simply by visiting compromised websites.

Developments

Mar 20 Apple issues iOS update warning urging users immediately to combat DarkSword spyware discovered by researchers at Lo.

Perspectives

Apple has issued critical warnings urging iPhone users immediately update their iOS operating system following the discovery of advanced spyware called DarkSword.

— (Techcentral.ie)

'DarkSword' combines six vulnerabilities in iOS and Safari to deploy malware on devices, demonstrating a significant change from previous campaigns that targeted older systems by focusing instead on relatively current versions.

— (Iphone-ticker.de)
Apple issues iOS update to combat DarkSword spyware
Techcentral.ie Niall Kitson 21h ago

Apple has issued a critical warning urging iPhone users with devices running between March 2025 (iOS) update immediately following the discovery of advanced spyware called DarkSword can steal sensitive data and take full control affected targets such as Ukrainians under threat from Russian intelligence services, Chinese cryptocurrency users.

Ugrožene su stotine milijuna iPhonea, otkriven je alat koji može hakirati stare iOS verzije. Oglasio se Apple
Telegram.hr Eva Benedik 1d ago
DarkSword: Researchers uncover another iOS exploit kit
Helpnetsecurity Zeljka Zorz 1d ago

Google has disclosed that 'DarkSword', a powerful iOS exploit kit used since November 2025 by state-sponsored and commercial actors like UNC6353 and PARS Defense customers, exploits six specific zero-day vulnerabilities including flaws in WebKit. While Apple patched several of these CVEs between July 2025 and February 2026 following reports or confirmed exploitation attempts as noted on the timeline provided to researchers from Lookout (though a sentence was cut off).

Apple warns iPhone users to update iOS to thwart hacking campaigns
Macdailynews MacDailyNews 1d ago

Cybersecurity researchers have identified exploit kits named DarkSword and Coruna designed by Russian intelligence-linked actors and Chinese cybercriminals specifically target outdated versions of Apple's operating system. An Apple spokesperson confirmed that these vulnerabilities are fully addressed in recent updates like iOS 26, urging users to keep their devices current as the primary defense against data theft including messages, credentials, and cryptocurrency wallets.

"DarkSword predstavlja značajnu promjenu koju smo predviđali godinama", rekao je Justin Albrecht, globalni direktor za obavještajne podatke o mobilnim prijetnjama
Vecernji.hr 2d ago