{"id":1307,"date":"2026-03-19T04:37:45","date_gmt":"2026-03-18T20:37:45","guid":{"rendered":"https:\/\/obagg.com\/index.php\/2026\/03\/19\/a-new-iphone-hacking-tool-puts-anyone-still-on-ios-18-at-risk\/"},"modified":"2026-03-19T04:37:45","modified_gmt":"2026-03-18T20:37:45","slug":"a-new-iphone-hacking-tool-puts-anyone-still-on-ios-18-at-risk","status":"publish","type":"post","link":"https:\/\/obagg.com\/index.php\/2026\/03\/19\/a-new-iphone-hacking-tool-puts-anyone-still-on-ios-18-at-risk\/","title":{"rendered":"A new iPhone hacking tool puts anyone still on iOS 18 at risk"},"content":{"rendered":"<p><a target=\"_blank\" class=\"no-affiliate-link link\" href=\"https:\/\/cloud.google.com\/blog\/topics\/threat-intelligence\/darksword-ios-exploit-chain\" data-i13n=\"elm:context_link;elmt:doNotAffiliate;cpos:1;pos:1\">Google<\/a> and cybersecurity companies <a target=\"_blank\" class=\"no-affiliate-link link\" href=\"https:\/\/www.lookout.com\/threat-intelligence\/article\/darksword\" data-i13n=\"elm:context_link;elmt:doNotAffiliate;cpos:2;pos:1\">Lookout<\/a> and <a target=\"_blank\" class=\"link\" href=\"https:\/\/iverify.io\/press-releases\/iverify-details-darksword-second-mass-attack-against-ios-disclosed-in-two-weeks\" data-i13n=\"cpos:3;pos:1\">iVerify<\/a> have detailed a new hacking technique that potentially puts a significant portion of iPhone users in danger, just by visiting the wrong web page. The hack is called &#8220;DarkSword&#8221; and since it specifically targets several different versions of iOS 18, it could affect &#8220;close to a quarter of iPhones,&#8221; <a target=\"_blank\" class=\"no-affiliate-link link\" href=\"https:\/\/www.wired.com\/story\/hundreds-of-millions-of-iphones-can-be-hacked-with-a-new-tool-found-in-the-wild\/\" data-i13n=\"elm:context_link;elmt:doNotAffiliate;cpos:4;pos:1\"><em>Wired <\/em>writes.<\/a><\/p>\n<p>DarkSword is a &#8220;fileless&#8221; hack that leverages a collection of exploits to access sensitive data when an iPhone visits an infected website. Rather than install spyware that hangs around on a user&#8217;s phone after messages and other private information are stolen, fileless hacks like DarkSword take control of &#8220;the legitimate processes in an iPhone&#8217;s operating system to steal data,&#8221; according to <em>Wired<\/em>. Even more troubling, DarkSword deletes any evidence it was running on an iPhone after it finishes stealing your information.<\/p>\n<p>The hack starts as soon as an iOS device encounters an &#8220;malicious iframe embedded in a web page,&#8221; after which it works its way through your iPhone, gathering sensitive information like passwords before deleting itself. DarkSword can abscond with things like messages and iCloud content, but it&#8217;s also specifically designed to access crypto currency wallets, Lookout says, which could indicate who was using DarkSword before it became widely available.<\/p>\n<p>DarkSword has reportedly been used in Ukraine, Saudi Arabia,\u00a0Malaysia, Turkey and Russia, and its origins could be tied to a different hacking toolkit called <a target=\"_blank\" class=\"no-affiliate-link link\" href=\"https:\/\/cloud.google.com\/blog\/topics\/threat-intelligence\/coruna-powerful-ios-exploit-kit\" data-i13n=\"elm:context_link;elmt:doNotAffiliate;cpos:5;pos:1\">Coruna<\/a> that <a target=\"_blank\" class=\"link\" href=\"https:\/\/techcrunch.com\/2026\/03\/10\/us-military-contractor-likely-built-iphone-hacking-tools-used-by-russian-spies-in-ukraine\/\" data-i13n=\"cpos:6;pos:1\"><em>TechCrunch <\/em>reports<\/a> may have been created for the US government by a company called Trenchant. Regardless of where DarkSword came from, the tool didn&#8217;t become widely available until its Russian users left DarkSword&#8217;s source code on a website for anyone to access, &#8220;complete with explanatory comments in English that describe each component and include the &#8216;DarkSword&#8217; name for the tool,&#8221; <em>Wired <\/em>writes.<\/p>\n<p>Apple patched the exploits that DarkSword and Coruna used in recent updates to <a target=\"_blank\" class=\"link\" href=\"https:\/\/www.engadget.com\/mobile\/smartphones\/ios-26-beta-preview-liquid-glass-is-better-than-you-think-172155402.html\" data-i13n=\"cpos:7;pos:1\">iOS 26<\/a>, the yearly software release from 2025 that followed iOS 18. The problem is that not everyone is using Apple&#8217;s latest update. DarkSword targets iOS 18 releases between iOS 18.4 and iOS 18.6.2, and according to Apple&#8217;s latest <a target=\"_blank\" class=\"link\" href=\"https:\/\/developer.apple.com\/support\/app-store\/\" data-i13n=\"cpos:8;pos:1\">iOS usage stats for developers<\/a>, around 24 percent of iOS devices are still on iOS 18. Without more detail, it&#8217;s hard to know how many people that leaves exposed, but as a rule of thumb, if your iOS device can update to a newer software release, you should do so as soon as possible to stay secure.<\/p>\n<p>This article originally appeared on Engadget at https:\/\/www.engadget.com\/cybersecurity\/a-new-iphone-hacking-tool-puts-anyone-still-on-ios-18-at-risk-203745949.html?src=rss<\/p><p>Please credit: <a href=\"https:\/\/obagg.com\">OBA Blog<\/a> &raquo; <a href=\"https:\/\/obagg.com\/index.php\/2026\/03\/19\/a-new-iphone-hacking-tool-puts-anyone-still-on-ios-18-at-risk\/\">A new iPhone hacking tool puts anyone still on iOS 18 at risk<\/a><\/p>","protected":false},"excerpt":{"rendered":"<p>Google and cybersecurity companies Lookout and iVerify have detailed a new hacking technique that potentially puts a significant portion of iPhone users in danger, just by visiting the wrong web page. The hack is called &#8220;DarkSword&#8221; and since it specifically targets several different versions of iOS 18, it could affect &#8220;close to a quarter of iPhones,&#8221; Wired writes. DarkSword is a &#8220;fileless&#8221; hack that leverages a collection of exploits to access sensitive data when an iPhone visits an infected website. Rather than install spyware that hangs around on a user&#8217;s phone after messages and other private information are stolen, fileless hacks like DarkSword take control of &#8220;the legitimate processes in an iPhone&#8217;s operating system to steal data,&#8221; according to Wired. Even more troubling, DarkSword deletes [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1307","post","type-post","status-publish","format-standard","hentry","category-share"],"_links":{"self":[{"href":"https:\/\/obagg.com\/index.php\/wp-json\/wp\/v2\/posts\/1307","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/obagg.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/obagg.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/obagg.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/obagg.com\/index.php\/wp-json\/wp\/v2\/comments?post=1307"}],"version-history":[{"count":0,"href":"https:\/\/obagg.com\/index.php\/wp-json\/wp\/v2\/posts\/1307\/revisions"}],"wp:attachment":[{"href":"https:\/\/obagg.com\/index.php\/wp-json\/wp\/v2\/media?parent=1307"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/obagg.com\/index.php\/wp-json\/wp\/v2\/categories?post=1307"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/obagg.com\/index.php\/wp-json\/wp\/v2\/tags?post=1307"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}