Millions Of Apple iPhone Users At Risk Of Hacking From 'Darksword' Spyware Tool

Security researchers have uncovered "DarkSword," a sophisticated spyware capable of compromising hundreds of millions of iPhones globally. In a joint report, experts from Google, Lookout, and iVerify revealed that the malware spreads through infected websites, allowing attackers to steal sensitive user data.

Google stated that multiple commercial vendors and suspected state-linked hackers were using Darksword in campaigns against targets in Saudi Arabia, Turkey, Malaysia and Ukraine. The malware was embedded in components of legitimate Ukrainian websites, including online news outlets and a government agency site, to harvest data from visitors' phones.

"There's now a verified pipeline of recent exploits that have ended up in the hands of potentially criminal entities with a financial focus," said Justin Albrecht, principal researcher with Lookout, as per Reuters.

The discovery of Darksword follows the March 3 reveal of Coruna, another potent iPhone spyware. Working in tandem, these hacking tools are capable of draining cryptocurrency wallets and compromising sensitive personal data.

While this malware does not affect the latest iOS versions, it remains effective against iOS 18. As of last month, Apple's previous operating system still powered nearly a quarter of all iPhones.

Also Read | Rogue AI Agent At Meta Exposes Sensitive Data, Triggers 2nd-Highest Security Severity Alert

Previous Instance

In May last year, Apple urged its users to update their devices after a major vulnerability in the AirPlay feature allowed hackers to hijack compatible devices on the same Wi-Fi network. AirPlay is a feature that allows iPhone users to stream audio and video from their phone onto other smart devices, such as TVs.

Tel Aviv-based cybersecurity firm Oligo discovered the major security risk initially, stating that 23 vulnerabilities were reported, both in Apple's AirPlay protocol and the AirPlay Software Development Kit (SDK) used by third-party vendors to make devices AirPlay compatible.

Similarly, in February, Apple said it had been targeted by "extremely sophisticated" attacks where the USB Restricted Mode might be disabled on a locked device.