"This is nasty": DarkSword malware on Github, patch iPhones immediately
A powerful exploit kit has appeared on Github and could pose a major threat to iPhones. Users should urgently update to iOS 26.
(Image: nikkimeel / Shutterstock.com)
Anyone who hasn't yet updated their iPhone to the very latest software version should do so right now – and install iOS 26.3.1 or 26.3.1 (a) respectively. If not yet installed, the update is available for download via “Settings > General > Software Update”. Newer iPhones (from iPhone 11 onwards) that are still running iOS 18 should also urgently upgrade to the current iOS 26 version. The last available iOS version 18.7.2 for these devices is no longer considered secure.
Malware can reportedly be easily repurposed
Unknown parties have apparently published the powerful exploit kit “DarkSword”, already used for attacks, on Github – making it practically freely accessible. This allows other criminals to easily use the code for their own attacks. The DarkSword spyware exploits a whole chain of vulnerabilities in Apple's operating systems to compromise unpatched iPhones, for example, just by visiting a manipulated website, and to extract sensitive data from the devices. The now freely available malware “can be repurposed far too easily”, Techcrunch quotes a security researcher from iVerify, who has analyzed DarkSword – "this is nasty”. He doesn't believe it “can be contained anymore”.
Videos by heise
Following apparently unprecedented malware attacks on iPhones, Apple urged its customers last week to update iOS “to protect the iPhone from attacks from the internet”. Security researchers have logged widespread attacks for the first time by the two highly complex exploit kits Coruna and DarkSword, which were likely developed for state surveillance – and then fell into the hands of hacker groups. The malware was then apparently also used indiscriminately against iPhone users in Ukraine, Turkey, and Saudi Arabia and was intended to steal information about crypto wallets, for example.
Many Apple patches, some special cases
“Devices with the latest updates from iOS 15 to iOS 26 installed are already protected,” the manufacturer explained. However, this also means that users must install the very latest version available for their device – and switch from iOS 18 to iOS 26, for example, if the update is offered. The extent to which older operating system versions are fully protected remains open; Apple only patches all known security vulnerabilities in the very latest version of its systems. Patches for older system versions are then only available for specific device series that no longer receive newer iOS versions. Enabling Lockdown Mode (Settings > Privacy & Security > Lockdown Mode) can also serve as protection on older devices, as Apple notes. However, this restricts certain functions.
Attacks on iPads and Macs have not been documented so far, but the vulnerabilities exploited by the exploit kits also exist there. Users should therefore also update these devices to version 26.3.1 if possible.
Empfohlener redaktioneller Inhalt
Mit Ihrer Zustimmung wird hier ein externer Preisvergleich (heise Preisvergleich) geladen.
Ich bin damit einverstanden, dass mir externe Inhalte angezeigt werden. Damit können personenbezogene Daten an Drittplattformen (heise Preisvergleich) übermittelt werden. Mehr dazu in unserer Datenschutzerklärung.
(lbe)
