Cybersecurity groups are sounding the alarm about DarkSword, the latest hacker tool that targets iPhone users. Credit: Jakub Porzycki/NurPhoto via Getty Images
So much for the Apple 'walled garden', 'secure enclave', 'AES encryption', 'app sandboxes'.
None of it means anything apparently.
I'm starting to think the Samsung 'Knox' is better.
Is it really hackers? Or is it Apple itself? Come on, it's SPYWARE after all, and nobody does spyware on their customers better than Apple.
Russia?
Fixed in September 2025. Check your phone.
I’ve had like 7 updates since then. Didn’t everyone update to 26.3.1?
Will only be phones no longer supported, likely why the number affected is so low (relatively)
So, we are mostly talking about Russia as the bad actor here, right?
“Bad actors have deployed the exploit through three different malware families, resulting in significant global repercussions for users in various countries, including Saudi Arabia and Ukraine.”
Russia both attacks the US using Trump and also uses Trump to help them. What a weird timeline.
Oh noooo oh noo
Surely fake news. Everybody knows that Apple makes perfectly secure products. /s
On iOS 17 or even iOS 18 reportedly FaceID unlocked access to phone without scan. I had this problem on iOS 17 and stopped using iPhones.
They need to be more specific with the versions of iOS that are affected.
iOS 18.4 - 18.7 is not the same as iOS 18.4 - 18.7.x.
Hm. This is similar to exploits on other platforms. Users decide they don't want to update their devices, then their devices are vulnerable to things that have been patched.
Damn Apple. Gonna make me update this tired 13 to iOS 26
270M vulnerable sounds dramatic, but it does not mean 270M compromised devices. The bigger issue is exploit reuse. If multiple actors can reuse the same full-chain iOS path through watering holes, this is less about one Apple bug and more about patch latency and a maturing mobile exploit market.
So.
Is there a good chance they moved on to better pastures so to say. I.e. a more modern toolkit that could break modern iOS?
Is the exploit on iOS 26.2? If so can this be like a way to jailbreak iOS versions with the exploit available
No one said cyber criminals were the smartest! 🤣
Good! If u still using 18 that’s on u!
iOS 18 is still fully supported and is barely 18 months old. The vulnerable point versions of iOS 18 are less than a year old. iOS 26 has barely been out for 6 months. Get some perspective.
Nah
old and unpatched iphones
Yeah saw this earlier too — kinda crazy how many devices are potentially affected.
Feels like people always assume iPhones are “safe by default,” but stuff like this shows nothing is really bulletproof. Most people probably won’t get hit directly, but still a good reminder to keep updates on and not click random links.
Kinda crazy how people are acting like iOS 18 is some ancient unsupported mess that no one should be running.
iOS 18 is still supported, but the versions vulnerable to this are long out of date.
bro they’re not updating their phones relax
when it’s actually the most vulnerable
By which metric/stat?
I’m not doing it for you. Look up CVE totals for each OS and paste here
This comment has been removed by a blog administrator.
You would expect a tool capable of silently breaking into hundreds of millions of iPhones to be locked away behind layers of encryption, traded in whispers on dark corners of the internet.
Instead, security researchers found it sitting openly on compromised Ukrainian websites, fully annotated, logically organized, and so neatly documented that, as one researcher put it, stealing the whole thing and pointing it at someone else’s server would take little more than a copy and paste.
“Hey Phil, I’m bored with this one, so I’m just going to leave it here for the next guy to use…”
Which makes me nervous about what they moved on to, and why.
Exactly! I’ve been thinking the same lately about researchers finding APT servers just left “abandoned” on the internet with tools and operational logs. I don’t believe it’s that easy.
Allegedly some of the datacenters getting exploded in the middle east were central to a bunch of stuff that is now sitting abandoned or with missing control keys.
It's that easy.
A lot of people needlessly mythologise the "APT".
The reality is that state/state sponsored/contracted threat actors make mistakes, and they make them far more often than you hear about
edit: make not male 🤣
All types of threat actors, their problem is they're so focused on attacking that they don't defend their own operations, and plenty only have red team knowledge, thus wouldn't know how to properly defend. John Hammond has demonstrated just how easy it is to not just reverse engineer a lot of malware, but also access all the data the attacker has collected. Attacking and defending have a relationship, but are still very distinct skill sets.
That's usually called a honeypot
Saved in plain text doc no doubt.
It’s a watering hole attack. It has to be on a server like that, in the open. Did you not read the article?
That’s the first two paragraphs of the said article you accused them of not reading being presented in their post.
Unless you meant to respond to someone else?
Considering that I’m citing the crucial facts in the article that aren’t in the post, it’s obvious that I read it. I didn’t expect someone to plagiarize part of the article as a comment.
It's a synopsis purposely posted. I forgot to leave it in the body before I posted
I'll downvote myself for emotional support to whoever felt it necessary
Which is it…the first two paragraphs or a synopsis? Either way, my point stands. It’s a watering hole attack; it’s not something you aim and fire, the target has to “come and get it.” You literally cannot use it while restricting access to it. It’s not possible.
I don't know why I'm getting downvoted (it doesn't bother me), just seems petty. It's the first 2 paragraphs that serve as a synopsis. That's what I do in all my posts. Seems to be effective in letting people know what to expect. Is this not acceptable here?
The person replying to you in such a hostile way is being a bum, just ignore them, they're being pedantic for no reason
Only affects iOS 18.4 through 18.6.2
The scary news should be that 270M iPhones aren't updated
People still use hardware past its supported life as well since the software still functions, just no more OS updates. That'll probably continue further if computer hardware continues to get more expensive too.
But, but.. LiQUId GlAsS!
Liquid Glass sucks, I avoided updating just for that. Had to though bc security, so I had to change my whole display to minimize that dumb effect. Frustrating.
There's 18.7.3. I think I had to enable beta updates tho.
I would say a majority of my friends don’t have their iPhones updated. I knew friends when I was on iOS 26, they were still on iOS 13 and 14. Their excuse? Don’t have time or they’re scared to update…
A lot of people avoided iOS 26 because of Liquid Glass
I mean, I've got one that is probably on that version but it's been sitting in a drawer with an uncharged battery for like 7 years.
iOS 18.4 came out about a year ago...
Not that different from most electronics. Already seen a few crazed posts about a conspiracy for Apple to get you to update your phone so they can ruin it and force you to buy a new one. Wild stuff.
oh man I'm an update freak. I have to keep everything up to date, on the latest patch, as often as possible.
Amateur. Run betas on ALL THE THINGS! /s
Not a surprise. They are a pain to update.
Android: Reboot now to update. iOS: not updating, requiring your password, blocking your phone for minutes to update. The process hasn't been improved since the iPhone was released. MacOS as bad. Update overnight, fails every single time to reboot needing your attention.
I’ve never had this experience with either one? I usually wake up to surprise phone updates.
If you don't sleep with your phone on a charger you have to manually do the updates. That said it's not hard to click a few buttons and wait for a reset
You wait for a reset on Android. Takes several minutes on iOS.
Downvote for the reality or are your phones just updated and working after a simple reboot?
I don't know why people are downvoting you. Probably because you're not fully on what Reddit thinks is the correct bandwagon.
I don't consider iOS updates a problem because it's a 5-10 minute wait for a small update and 15-30 minute wait for a major annual update. You do need to click several menus to get to updates then enter your passkey, click download then wait and click install. I do find that process kind of dumb and would prefer a single "update now" button somewhere prominent. But it doesn't take much effort and I don't feel like the effort is enough to block people from updating at least once a year.
Recently I started leaving my phone on the charger again because the old fear of battery degradation from leaving a phone on a charger too long is no longer very relevant. So now my updates just happen in the background while I sleep.
Thanks for confirming.
275 Million phones not updated either suggests there is quite some room for improvement (from what I briefly read a vulnerability used by the exploit chain is from 2024), or they may not get the update anymore at all. At least in Europe the latter would raise the question whether we want a legal solution which would also help with many of the bad vendors offering Android phones.
It's part of the same kit which included the Coruna exploits so 16+ till 18.6.2
Good to know!
18.7.1 reporting in.
- CVE-2025-31277 - patched in iOS 18.6
- CVE-2025-43529 - patched in iOS 18.7.3 and iOS 26.2
- CVE-2025-14174 - patched in iOS 18.7.3 and iOS 26.2
- CVE-2025-43510 - patched in iOS 18.7.2 and iOS 26.1
- CVE-2025-43520 - patched in iOS 18.7.2 and iOS 26.1
- CVE-2026-20700 - patched in iOS 26.3
iOS 18.7.3 and iOS 26.3 are completely fixed for the successful usage of the Exploit Chain.
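Added example, not part of the original thread: a Python audit that checks device iOS versions against the patch list in the comment above and separates "fix listed but not installed" from "no fix listed for this branch". The version table is transcribed from that comment and not verified against Apple's advisories; the inventory, device names and the rule for newer major releases are assumptions.

```python
"""Audit iOS versions against the per-CVE patch list quoted in the thread."""
import re

# Transcribed from the comment above; NOT checked against Apple's advisories.
# CVE -> {iOS major branch: first version on that branch listed as patched}
PATCHED_IN = {
    "CVE-2025-31277": {18: "18.6"},
    "CVE-2025-43529": {18: "18.7.3", 26: "26.2"},
    "CVE-2025-14174": {18: "18.7.3", 26: "26.2"},
    "CVE-2025-43510": {18: "18.7.2", 26: "26.1"},
    "CVE-2025-43520": {18: "18.7.2", 26: "26.1"},
    "CVE-2026-20700": {26: "26.3"},
}

# Constructed sample inventory (for example an MDM export); names are made up.
SAMPLE_INVENTORY = [
    ("kiosk-01", "18.4"),
    ("exec-phone", "26.3"),
    ("field-07", "18.6.2"),
    ("lab-spare", "18.7.3"),
    ("byod-22", "26.1"),
    ("legacy-03", "16.7"),
    ("unknown-99", "18.x"),   # malformed on purpose
]


def parse_version(text):
    """'18.6.2' -> (18, 6, 2); short versions are zero-padded to three parts."""
    text = text.strip()
    if not re.fullmatch(r"\d+(\.\d+){0,2}", text):
        raise ValueError(f"not an iOS version: {text!r}")
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (3 - len(parts)))


def audit(version):
    """Return (missing, not_listed) CVE lists for one iOS version.

    missing:    a fix is listed for this major branch and the device is below it.
    not_listed: the list names no fix for this branch, so the status is unknown
                and has to be checked against the vendor advisory.
    Assumption: a major release newer than every listed branch carries the fix.
    """
    v = parse_version(version)
    missing, not_listed = [], []
    for cve, fixes in PATCHED_IN.items():
        if v[0] in fixes:
            if v < parse_version(fixes[v[0]]):
                missing.append(cve)
        elif v[0] < max(fixes):
            not_listed.append(cve)
    return missing, not_listed


def fleet_report(inventory):
    """Rank devices by number of listed-but-missing fixes, worst first.

    Returns (rows, unparsed): rows are (name, version, missing, not_listed)
    for devices with anything to report; unparsed holds names whose version
    string could not be read, so they are not silently treated as patched.
    """
    rows, unparsed = [], []
    for name, version in inventory:
        try:
            missing, not_listed = audit(version)
        except ValueError:
            unparsed.append(name)
            continue
        if missing or not_listed:
            rows.append((name, version, missing, not_listed))
    rows.sort(key=lambda r: (-len(r[2]), -len(r[3]), r[0]))
    return rows, unparsed


if __name__ == "__main__":
    rows, unparsed = fleet_report(SAMPLE_INVENTORY)
    for name, version, missing, not_listed in rows:
        print(f"{name:12} iOS {version:7} missing={missing} not_listed={not_listed}")
    print("could not parse:", unparsed)
```

On the 18.x branch the list gives no fix for CVE-2026-20700, so 18.7.3 reports nothing missing but one entry under `not_listed`.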
Only commenting to keep the joke going, but age ID verification is being forced next week (allegedly?) by Apple in Australia, for the next update etc etc. Someone had mentioned it was /very convenient timing to find such a widespread vulnerability specifically for iOS 18/ that happened to be found a week or two before the verification rollout 😅
On mobile so formatting is horrible but it is one of my favourite conspiracies ATM. My opinion? Someone forgot their keys and/or did a massive whoopsie-daisy haha
Any links to the AU Apple rollout?
https://cloud.google.com/blog/topics/threat-intelligence/coruna-powerful-ios-exploit-kit
This was their previous iteration from 2024. They seem to have found another RCE in WebKit and Blink.
Same as people who think Linux has no virus
iOS 12.4 here still.
Things like this always make me realize how little control we truly have over these devices once something like this leaks into the wild. It’s tempting to think iPhones are secure by default, but in reality, it often feels like a never-ending game of cat and mouse.
I’m also curious about how common this really is, since many of these attacks seem more targeted than random.
If you want, I can give a few more versions that feel a bit punchier or casual for social media. Do you want me to do that?
Interesting for everyone using shitty iPhone 8
First and foremost, doesn’t this only affect iOS 18 and not any current iOS build?
I need proof from 20 individuals who have already been hacked; otherwise, this news is nothing but an attempt to scare people.
Stuff like this always reminds me how little control we actually have over these devices once something like this gets out in the wild. It’s easy to assume iPhones are safe by default, but it really just feels like a constant cat and mouse game.
Curious how widespread this actually is though, since a lot of these attacks tend to be pretty targeted rather than random.
These companies have already leaked and sold our whole lives anywhere and everywhere, so what's the difference at this point.
This is just marketing made by Apple to get you to update so they can steal even more of your data
Technology really is improving! Just now I found Liquid Ass in Blog comment form.
Clickbait, useless unless you intentionally keep your phone behind on software updates, which takes conscious effort TO DO rather than not and just let auto update do its thing.
Are hot, single Russian hackers near me... right now?!?
They just released an update last week, prolly fer that
This is why I don’t do online banking and use a credit card. Chances are you won’t be hacked if they know they can’t steal anything.
Yeah, me too, I don’t even use paper money but exchange goods directly! Chances are, they won’t steal your wallet if there is nothing to steal! Stay safe people!
Not holding large amounts of paper money is a literal government safety advisory. That person’s opinions are actual, literal OpSec, but for the general person they are not going to part with their convenience to be safer.
Man, I was just being sarcastic. It’s clearly safer to have a deposit in bank and use a debit card as well as having 2fa and a withdrawing limit set. I have 2 accounts, a main one called “savings”, with no card attached, and a second one for shopping tied to my debit card and my virtual card so the big chunk can never be stolen, even if it’s impossible with 2fa. I also keep my physical and virtual cards frozen and activate them when doing shopping. And I’m doing all of that using the face id on my phone. I rarely touched cash in the last 10 years, especially after 2019. This is a tech sub after all, not a Flintstone Family cartoon sub, and speaking about technology, you either use it or lose it.
Effective against idiots who don't update. Who's surprised 🙄
Which is interesting; because the iPhone crowd are the best updaters of all in the world
Requires physical access, meh.
Wtf are you talking about?
“Researchers at Google and cybersecurity firms iVerify and Lookout on Wednesday jointly revealed the discovery of a sophisticated iPhone hacking technique known as DarkSword that they’ve seen in use on infected websites, capable of instantly and silently hacking iOS devices that visit those sites”
AS USUAL in these SCARE TACTIC BULLSHIT ARTICLES. So tired of this shit. Every fucking year. "iPhone totally unsafe if I have 6 hours of physical access and a hand grenade"; just fuck off people
You do you. This one is not the normal attack vector.
If you need to take heed on one, it’s this one.
I probably won’t update my iPhone for a while bc my mom passed away and every time I open the FaceTime app she pops up for a split second and I get to see her again
Did you even read the article?
“Researchers at Google and cybersecurity firms iVerify and Lookout on Wednesday jointly revealed the discovery of a sophisticated iPhone hacking technique known as DarkSword that they’ve seen in use on infected websites, capable of instantly and silently hacking iOS devices that visit those sites”
Kind of misleading, you have to pick up pieces of the virus from websites and most of them are on Ukrainian sites
Steal my nudes idgaf
I only have nudes, so I get my phone back when I lose it
DARKSWORD INITIATING…
“While the technique doesn’t affect the latest updated versions of iOS, it does work against iOS devices running versions of Apple’s previous operating system release, iOS 18, which as of last month still accounted for close to a quarter of iPhones”
Update your phone's OS to stay ahead of security vulnerabilities
What about those of us still on 16?
How many people are not updated vs there’s just a quarter of phones not receiving the update. Assumably they’ll drop an update to render that quoted sentence useless.
Well I hate Liquid Glass. That’s the reason I don’t update
Well then enjoy your new Liquid Identity Theft feature. See if you love that more.
I’ve had 3 fraudulent charges on my CC account in the last month. I don’t shop at weird stores.
Found a second phone was associated with my iCloud. No idea when it was added.
Shit is real.
Upgrade and then enable Reduce Transparency
Requires physical access, meh.
Nope. It’s a watering hole technique
It don’t require physical access.
The end user (victim) will never know
Ugh, but then I have to deal with liquid ass.
You can turn it off.
The tinted feature is still semi-transparent. The issue is the depth perception sets off falling migraines. Do you know if there is a way to make it fully opaque?
ETA: it’s high key real life to be downvoted for dealing with a disability
To the kind redditor who gave me an award, thank you!
Try also Settings > Accessibility > Display & Text Size > Toggle on Reduce Transparency
Thank you very much. I’ll do that
ETA, that was exceptionally helpful. Take my poor man reddit gold with many thanks 🏅
Comment deleted by user
Here (https://letmegooglethat.com/?q=turn+off+liquid+glass)
Edit: downvotes then deletes the question… what a silly kid
Dunno what the major issue is, Liquid Glass is sleek. It looks so much better.
Gives me constant migraines
Migraines? Not headaches?
Migraines. I’m on preventative medication for pretty extreme migraines. The update sent me back to my e-ink computer. I’m afraid to leave the house and have bought a prepaid phone because of it
Okay so it's a choice: Russkies or liquid ass! Personally I go with the ass. By the way: oh my god we iPhone users ARE REALLY SCARED. Fuck off OP Android boy
Wtf Liquid Glass is great
Says you
Bevel and emboss was great in 1995. It currently shares an apartment with comic sans and vertically stacked text.
Eh, its inconsistent design choices make it annoying.
iOS 18?
That’s what the article says. iOS 26.3 is apparently immune.