A second iOS exploit kit, known as DarkSword, has been discovered in use by suspected Russian hackers, marking a significant escalation in the threat landscape. This kit, like its predecessor Coruna, targets iOS devices, with estimates suggesting up to 270 million iPhone users may be vulnerable due to outdated software, specifically those running iOS 18 or earlier versions. The research, a collaborative effort between iVerify, Lookout, and Google, reveals a troubling trend in the adoption of exploit kits by nation-state actors. The use of these kits, potentially developed with tools originating from the US government1, underscores the gravity of the situation. The fact that 15% of all iOS devices in use are running outdated versions, making them susceptible to such exploits, highlights the need for urgent attention to device security. This development matters to practitioners as it underscores the importance of prompt software updates and robust security measures to mitigate the risk of compromise.
Second iOS exploit kit now in use by suspected Russian hackers
⚡ High Priority
Why This Matters
While the second kit — dubbed DarkSword — also targeted users in Ukraine, the scale is significant: iVerify estimated up to 270 million iPhone users could be susceptible, while.
References
- CyberScoop. (2026, March 18). Second iOS exploit kit now in use by suspected Russian hackers. CyberScoop. https://cyberscoop.com/second-ios-exploit-kit-emerges-from-suspected-russian-hackers-using-possible-u-s-government-developed-tools/
Original Source
CyberScoop
Read original →