iPhone owners, do it now to secure your phone from “DarkSword” hackers

If you own an iPhone, here’s what you need to know about DarkSword hacks. Cybersecurity researchers from the Google Threat Intelligence Group and two cybersecurity companies, Lookout and iVerify, have identified a new hacking toolkit that leaves iPhone owners’ data vulnerable. The toolkit, called DarkSword, is different from other forms of spyware and malware.

DarkSword does not use phishing texts or emails, nor does it force you to download suspicious apps to allow hackers to access your device. It operates through infected websites, the report says, including those designed to look like Snapchat and government contractor sites. After browsing these sites, the spyware may be activated and your information is in danger.

So far, attacks have been limited to people outside the United States, including Saudi Arabia, Turkey, Malaysia and Ukraine, according to Google. But as TechCrunch spotted this week, the spyware has been made public on GitHub, meaning it will be much easier for a number of bad actors to deploy.

DarkSword is “very sophisticated,” Lookout said in the report. The toolkit works by establishing “privileged code execution to access and exfiltrate sensitive information from the device.” DarkSword is not designed for continuous monitoring, but can access various data including your messages, iCloud content, and even crypto wallets.

Google said it was used by “multiple commercial surveillance service providers and suspected state-sponsored actors.” In a support page posted on March 19, Apple said: “We have thoroughly investigated these issues as they have been discovered and have released software updates as quickly as possible for the most recent versions of the operating system to address the vulnerabilities and stop such attacks.” »

Google said in the report that it contacted Apple in late 2025 with its findings. Researchers found that the vulnerable phones were running versions of the software from last year, including iOS 18.4 to 18.7. This isn’t the case for all phones, but as Apple’s own data confirms, around a fifth of iPhone owners are still using iOS 18, potentially leaving millions vulnerable.

The DarkSword spyware reports are scary, but basic iOS software hygiene can go a long way in protecting your data. Here’s what iPhone owners should do now to stay safe.

Keep your iPhone software up to date

Even though Apple has applied patches behind the scenes, you still need to take steps to ensure your iPhone is secure. There is a simple but necessary step to protect your phone from external threats: update your iOS software.

“I always recommend people update their iPhone to the latest iOS software as soon as possible,” said CNE expert Zachary McAuliffe. “Updates usually include new features, but more importantly, they often fix security issues. Delaying an update means bad actors could exploit a vulnerability in your iPhone, putting your personal data and system security at risk.”

Apple said people who have kept their phone software up to date are already protected. Google said iOS 26.3the latest software update, includes fixes to prevent DarkSword attacks, just like previous updates. And iOS 26.3.1(a)a minor security-focused update to the core software, was released on Wednesday.

To update your iPhone software, go to Settings > General > Software Update. If an update is available, you will be asked to download and install it. Some older iPhone models may not be able to run iOS 26. Check our guide to seeing if your iPhone can.

If you’re not eligible for iOS 26, Apple urges iPhone users to update their software to at least iOS 15, which provides protection for older iPhones. The company also says you may want to consider enabling Lockdown Mode to protect against malicious web content and other threats.

Other services and software