According to cybersecurity experts, DarkSword is a comprehensive toolkit for exploiting vulnerabilities on the iOS operating system. This tool uses many zero-day vulnerabilities to penetrate and control devices without much technical skill.
Previously, DarkSword was discovered by Google's threat intelligence team in an attack campaign targeting users in some countries such as Saudi Arabia, Turkey, Malaysia...
This tool combines up to 6 security vulnerabilities and 3 different lines of malware, allowing to take control of the device at a deep level.
Worryingly, the new version of DarkSword has now appeared publicly on GitHub, allowing anyone to download and use it. Experts warn that this significantly reduces technical barriers, paving the way for cybercriminals to exploit on a large scale.
According to analysis, DarkSword targets devices running iOS from version 18.4 to 18.7. Although Apple has patched these vulnerabilities in the iOS 26.3 update, many users have not yet upgraded the operating system.
In particular, older iPhone models such as iPhone X and lower-end devices are no longer supported for upgrading to new iOS, making them vulnerable targets. This means that hundreds of millions of devices are still at risk.
Experts warn that DarkSword being shared in simple HTML and JavaScript codes further increases the level of danger.
Users only need to copy and deploy the code on the server to be able to carry out the attack, almost without in-depth knowledge of iOS.
Matthias Frielingsdorf, co-founder of iVerify Security Company (headquartered in the US), said the situation is worrying as this tool can be quickly abused. According to him, the ability to control the spread is almost gone, and the risk of cybercriminals taking advantage is very high.
However, experts emphasize that users can still protect themselves by updating their devices to the latest iOS version. This is currently the most effective measure to patch the vulnerabilities exploited by DarkSword.
In the context of increasingly sophisticated network threats, this incident shows that even devices considered safe such as iPhones are not outside the sights of hackers.
Frequent software updates and raising personal security awareness are becoming more important than ever.
