Apple will on Wednesday issue a software update for iPhones still running iOS 18 to block the increasingly-popular DarkSword exploit, which can allow bad guys to take control of an iPhone simply if the user visits a website that’s been infected with the evil code.
An Apple support document informs users about recent reports about hacking tools that can be used against iPhones running older versions of iOS. iOS exploit kits known as “Coruna” and “DarkSword” are being used by bad actors to take advantage of vulnerabilities in devices running older software.
Devices that have been upgraded to iOS 26 are already protected from DarkSword. However, those still running iOS 18 are vulnerable to the exploit, leading Apple to release the fix to protect iOS 18 users. Approximately 25% of all iPhone users remained on iOS 18 as of February for one reason or another, even though their device supports the latest version.
“Tomorrow we are enabling the availability of an iOS 18 update for more devices so users with auto-update enabled can automatically receive important security protections,” an Apple spokesperson told Wired. “We encourage all users with supported devices to update to iOS 26 to receive our most advanced protections.”
To install the iOS 18 update, your iPhone should be fully charged and connected to WiFi. To check that the update is available and to install it, go to “Settings” -> “General” -> “Software Update.” If you have automatic updates enabled you should see the new software installed automatically.
DarkSword has been used by multiple hacker groups to hack the iPhones of users in multiple countries, including Malaysia, Saudi Arabia, Turkey, and Ukraine, says Google.
Apple has also released a patch to protect older iPhones from another iOS hacking tool kit, Coruna. Apple urges all iPhone users to update to the latest iOS version supported by their device.
While such toolkits are not unusual in the black hat hacker community, the availability of DarkSword makes it simple for even a script kiddie to grab the files from open source code repository GitHub, and in a matter of minutes be infecting unsuspecting devices.
“The exploits will work out of the box,” Matthias Frielingsdorf, the co-founder of mobile security startup iVerify, told TechCrunch. “There is no iOS expertise required.”
“This is bad. They are way too easy to repurpose,” Frielingsdorf continued. “I don’t think that can be contained anymore. So we need to expect criminals and others to start deploying this.”