Researchers Discover New Spyware That Can Hack Millions of iPhones

Researchers uncover "Darksword" malware targeting millions of unpatched iPhones via compromised websites.

On March 18, researchers said they had unearthed a software exploit that left hundreds of millions of Apple iPhones susceptible to information being stolen from them. This spyware was planted on several websites in Ukraine in recent weeks. Significantly, this is the second time in a month that researchers have discovered spyware capable of targeting iPhones and other Apple devices. These hacking tools show that there is a thriving market that sells advanced malware for stealing personal user information and cryptocurrency wallet data.

Furthermore, the discovery of this spyware dubbed “Darksword” was made possible by a coordinated effort involving researchers of cyber firm Lookout, mobile security firm iVerify, and Alphabet’s Google. Their earlier analysis on March 3 had revealed a separate powerful iPhone spyware called “Coruna”. Darksword was found to be hosted on the same servers. In particular, the spyware was delivered to iPhone users running iOS versions 18.4 to 18.6.2 who visited any of the compromised Ukrainian websites. Apple had released those versions between March and August 2025.

Moreover, it is difficult to ascertain the exact number of iPhones vulnerable to Darksword attacks, because many people don’t install iPhone updates. Even though Apple had released fixes for the underlying bugs that attackers used to make the spyware, around 220 to 270 million iPhones are estimated to run on exposed iOS versions. Interestingly, researchers claimed that they discovered these vulnerabilities due to a lack of stringent security measures that are, in contrast, present in similar state-linked iPhone hacking attempts. Russian hackers are suspected of being behind the spyware’s release and attempted proliferation to devices worldwide. Technology companies sprang into action to mitigate the threats, with Apple publishing a support page and Google updating all users to update to the latest iOS version or enable Lockdown Mode for high-risk individuals as a last resort. CIO Bulletin advises users to follow these guidelines to stay protected against harm.