Apple has issued an urgent warning that hundreds of millions of iPhones and iPads are vulnerable to cyberattacks due to a security flaw and the widespread availability of a hacking tool.
Millions of iPhones Vulnerable to Attacks
Apple has issued an urgent security alert, warning that hundreds of millions of users worldwide could be at risk from a security vulnerability in the iOS operating system.
The threat stems from a hacking tool called DarkSword, initially used by specialized cyber operations, but now publicly available on GitHub.
DarkSword Tool Simplifies Exploitation
Cybersecurity experts have identified an active campaign exploiting DarkSword. The tool’s accessibility—it’s now available on GitHub—means thousands, including less experienced users, can access potentially dangerous code.
The tool’s simplicity is a major concern, relying primarily on web technologies like HTML and JavaScript, requiring minimal technical expertise to deploy an attack, potentially enabling a rapid increase in cyberattacks.
iOS 18 and Earlier Versions Affected
The vulnerability primarily affects devices running outdated versions of iOS, including iOS 18 and earlier. Apple estimates that hundreds of millions of active iPhones and iPads globally are affected, meaning even users with older devices are at risk.
Data at Risk: Contacts, Passwords, and More
DarkSword can access a wide range of data stored on compromised devices, including contacts, messages, call history, and saved passwords. This poses a significant risk of data theft and account takeover.
Attack Vector: Malicious Websites and System Components
Experts indicate the attack mechanism can exploit vulnerabilities in the browser or system components, potentially triggered by visiting a specially crafted website.
Urgent iOS Update is Critical
Apple has released security patches to address the vulnerabilities and strongly urges users to immediately update their operating systems.
Devices running the latest versions of iOS, especially with Lockdown Mode activated, are not susceptible to these attacks.
GitHub’s Role and the Democratization of Hacking
The publication of DarkSword on GitHub represents a turning point, as similar tools were previously limited to specialized hacking groups. Now, virtually anyone with internet access can download and attempt to use the code.
Security specialists warn that democratizing access to such tools inevitably leads to an increase in incidents, with a historical pattern of attack numbers surging after exploit releases.
The tool’s simplicity also allows for easy modification and adaptation to various attack scenarios, complicating threat detection by traditional security systems.
Links to Russian Hacking Operations
Previous analyses indicated DarkSword was used in operations attributed to Russian hacking groups, including those targeting Ukraine, where it was used for intelligence gathering.
However, the current situation is different. The widespread availability of the tool means its use is no longer limited to specialized services or cybercriminal groups, potentially falling into the hands of individuals acting independently, significantly increasing the scale of potential threats.
Google experts also confirm the high risk, stating the combination of tool availability and existing mobile system vulnerabilities creates a uniquely dangerous situation for users.
Software Updates: The Primary Defense
Given the growing threat, a swift response from users is crucial. Updating the operating system remains the most effective way to protect against known vulnerabilities, applying to both smartphones and Apple tablets.
Experts also recommend avoiding suspicious websites and installing applications only from official sources. For particularly sensitive users, activating additional security mechanisms like Lockdown Mode is advisable.
However, updating the system remains the most important protective measure—without it, even the most aware user remains vulnerable to attack.
