iPhone users are being urged to update their devices immediately, as a powerful exploit kit known as “DarkSword” has reportedly been leaked on Github. The availability of this tool significantly increases the risk of malicious attacks, and Apple is pushing users to install iOS 26.4 to protect against potential compromises.
Weiterlesen nach der Anzeige
Exploit Kit Easily Repurposed
The “DarkSword” exploit kit, previously used in targeted attacks, has surfaced on Github, making it readily accessible to a wider range of malicious actors. This allows them to easily adapt the code for their own attacks. The DarkSword spyware exploits a chain of vulnerabilities in Apple operating systems, potentially compromising unpatched iPhones simply by visiting a manipulated webpage and extracting sensitive data. A security researcher at iVerify told Techcrunch that the freely available malware “is far too easy to repurpose” – calling it “nasty” and expressing doubt that the situation can be contained.
Following recently documented, unprecedented malware attacks on iPhones, Apple last week called on its customers to update iOS “to protect your iPhone from attacks from the internet.” Security researchers have begun logging widespread attacks using the two highly complex exploit kits Coruna and DarkSword, which were reportedly developed for state-sponsored surveillance – and subsequently fell into the hands of hacker groups. The malware was then allegedly used indiscriminately against iPhone users in Ukraine, Turkey, and Saudi Arabia, with the goal of stealing information such as cryptocurrency wallet details. This highlights the growing sophistication of cyber threats targeting mobile devices.
Numerous Apple Patches, Some Exceptions
“Devices running the latest updates from iOS 15 to iOS 26 are already protected,” the company explained. However, this also means that users must install the latest version available for their device – and upgrade from iOS 18 to iOS 26 if the update is offered. The extent to which older operating system versions are fully protected remains unclear. Apple only patches all known security vulnerabilities in its most recent versions. Patches for older system versions are then only available for certain device lines that no longer receive newer iOS versions. Activating ‘Lockdown Mode’ (Settings > Privacy & Security > Lockdown Mode) can also provide protection on older devices, as Apple notes, though this does restrict certain functions.
Attacks on iPads and Macs have not yet been documented, but vulnerabilities exploited by these kits also exist on those platforms. Users should therefore update those devices to version 26.4 whenever possible.
Weiterlesen nach der Anzeige
Update
Apple released version 26.4 of its operating systems on Tuesday evening, references to the latest operating system versions in the report were therefore changed from 26.3.1 to 26.4. IOS 18.7.7 is also available for iPhone XR, XS and XS Max. The updates address numerous additional security vulnerabilities.
(lbe)
