Tech

Millions of iPhones Vulnerable: What To Know About the DarkSword Exploit

Mar 19th 2026

AI-generated, human-reviewed.

A powerful new iPhone hacking technique called DarkSword has emerged, posing a threat to millions of users worldwide—even those who never click suspicious links or download risky apps. On this week’s Tech News Weekly, guest Andy Greenberg, a Wired journalist deeply versed in cybersecurity, explained how this exploit changes the landscape of smartphone security and why iPhone owners must rethink their approach.

What Is the DarkSword iPhone Hack?

DarkSword is a sophisticated hacking toolkit that enables attackers to fully compromise iPhones through watering hole attacks: victims are infected simply by visiting a website that has been compromised. Unlike traditional phishing or malware, the user doesn’t need to click on anything or install an app. Once you browse an infected site, your device can be silently breached.

According to Andy Greenberg, the exploit leverages six vulnerabilities within the iPhone’s browser and operating system, allowing hackers to escalate privileges and access nearly all data on the device. It’s part of a broader trend where previously rare, targeted attacks aimed at high-profile figures (like journalists or opposition politicians) are now being deployed indiscriminately, potentially affecting hundreds of millions of ordinary users.

How Does DarkSword Work—and Why Is It Different?

Historically, iPhone hacks required users to take an action (such as clicking a malicious link), and most malware was constrained to specific apps. DarkSword breaks this mold.
The attack is “fileless,” meaning it doesn’t leave a traditional malware payload behind. Instead, it uses the phone’s built-in processes to extract information, making detection and cleanup more difficult. Once exploited, the attacker gains access to photos, passwords, browser history, Apple Health data, crypto wallet credentials, and more.

Greenberg told Tech News Weekly that the ease with which DarkSword’s code was left accessible—and documented—online means other malicious actors can quickly reuse it. Its initial deployment targeted Ukrainian websites, but Google’s security analysis suggests it’s already been used against targets in Turkey, Saudi Arabia, Malaysia, and is poised to appear elsewhere.

Why Are So Many iPhones at Risk?

Despite the exploit relying on vulnerabilities patched in recent versions of iOS, millions of iPhones remain outdated—often due to user dislike of new interface changes. According to Greenberg, as many as a quarter of iPhones may still run iOS 18 or earlier, exposing users to DarkSword even after official patches are released.

Users are faced with a choice: tolerate changes in Apple’s software or risk being compromised by aggressive, rapidly proliferating threats. This highlights a new reality where keeping your phone updated is non-negotiable for security.

What You Need to Do if You Use an iPhone

  • Update to the latest iOS version immediately. Older versions (especially iOS 18 and below) are vulnerable.
  • Enable automatic updates to ensure patches are applied as soon as they become available.
  • Be cautious when browsing unfamiliar websites—even legitimate-looking sites can be compromised.
  • Consider reputable security apps (like iVerify or Lookout) if you’re at elevated risk, though detection isn’t always guaranteed.
  • Restart your phone regularly. Fileless exploits like DarkSword might be cleared via a reboot, but stolen data won’t be returned.

Key Takeaways

  • DarkSword is a new, highly sophisticated iPhone hack spreading via infected websites—no user action required.
  • Millions of devices running outdated iOS versions are vulnerable, even if users never click on malicious links.
  • Attackers can access almost all device data, including passwords and cryptocurrency wallets.
  • This marks a shift from rare, targeted iPhone attacks to widespread, indiscriminate hacks.
  • Keeping your device fully updated is the single most important defense.
  • Apple’s messaging that iPhones are only attacked in rare, targeted cases is no longer accurate—everyone is at risk.

The Bottom Line

As Andy Greenberg explained on Tech News Weekly, the game has changed for iPhone security. A hack this potent—easy to deploy, hard to detect, and capable of stealing everything—means every iPhone user must remain vigilant. Update your device now and treat iOS security as essential, not optional.

For ongoing coverage of tech’s most pressing issues, subscribe to Tech News Weekly:
https://twit.tv/shows/tech-news-weekly/episodes/429

 

Episode 429 - DarkSword Puts Hundreds of Millions at Risk Tech News Weekly #429
Mar 19 2026 - DarkSword Puts Hundreds of Million…
The Internet's Reaction to NV…
All Tech posts