REGULATORY · COMPETITIVE
DarkSword exploit enables web-based iPhone takeovers
Change
The DarkSword web-delivered exploit can instantly and silently compromise iOS devices running iOS 18 and is available in a reusable form on infected websites.
Why it matters
The exploit, named DarkSword, is delivered through infected websites and can instantly and silently take over iOS devices that visit those sites. It is packaged in an easily reusable form and has been observed in multiple espionage and cybercriminal campaigns. The technique affects devices running iOS 18 and does not impact the latest updated iOS releases. iOS 18 accounted for close to a quarter of iPhones as of last month, placing a substantial number of devices in scope.
Implications
- · Large numbers of iPhones running iOS 18 can be immediately compromised via routine web visits, degrading device integrity.
- · Personal and stored data on compromised devices is exposed to extraction following silent takeover.
- · Web-based distribution enables indiscriminate mass exploitation rather than narrowly targeted attacks, increasing scale of breaches.
- · Managed mobile fleets that include iOS 18 devices face elevated device-compromise exposure and incident response burdens.
Who is affected
- · iPhone users running iOS 18
- · Enterprise IT and security teams
- · Mobile device management operators
- · Incident response teams
Source
Topics
Law & Public Safety Data Privacy Technology & Innovation Cybersecurity