An exploit for the notorious DarkSword spyware has been made public via GitHub. Experts warn that the spyware makes hacking iPhones child’s play.
DarkSword is a recently discovered spyware that targets the iOS operating system on iPhones. A ready-to-use exploit kit was published on GitHub a few days ago. It involves a newer version of the spyware with uncomplicated files, making the execution of the spyware even easier.
The attack is notable because it works with such a low barrier to entry. DarkSword doesn’t even need to use classic phishing tricks: the spyware targets websites you have already visited to automatically infect your device. The spyware has reportedly already been used by Russian hackers to spy on Ukrainian targets via news and government websites.
The goal of the attacks is to steal information from the infected device and send it to an external server, such as contact and call data, your message history, and even passwords stored in Keychain.
Ready-to-use exploit
The published exploit “reads and exfiltrates forensically relevant files from iOS devices via HTTP. This payload must be injected into a process with access to the file system,” reads the description on GitHub. Security experts fear that making the exploit public makes its exploitation child’s play.
“The exploits work instantly, without requiring any knowledge of iOS,” warns Matthias Frielingsdorf of iVerify, who co-discovered DarkSword, via TechCrunch. According to the researcher, anyone with some copy-pasting can host the code on their own server and distribute it to targets. “I fear this can no longer be kept under control.” Another security researcher demonstrated via X how he managed to crack an iPad mini in just a few minutes using the exploit.
Hundreds of millions of iPhones vulnerable
DarkSword specifically targets devices running iOS 18, the version released in 2024. According to Apple’s figures, approximately a quarter of all iPhones and iPads worldwide are running iOS 18, meaning hundreds of millions of devices are at risk.
To protect yourself, it is recommended to update to iOS 26, even if you aren’t a fan of the new Liquid Glass design. For now, GitHub does not seem to be taking any measures to prevent the spread of DarkSword.
read also