iPhone Hacking: DarkSword Malware Targets Millions

New zero-click exploit lets Moscow-linked hackers take control of iOS 18 devices through infected websites.

Follow the digital pipeline, and you’ll find Russian fingerprints on the most sophisticated iPhone hack discovered this year. DarkSword isn’t just another piece of malware. It’s a weapon that can hijack hundreds of millions of devices with a single click.

Money trails start in Moscow’s tech corridors, where state-funded hacking groups have spent years perfecting zero-click exploits. These aren’t basement hackers looking for Bitcoin. They’re professional cyber units with budgets that dwarf most Silicon Valley startups.

DarkSword represents the latest evolution in Russia’s digital warfare arsenal. The tool exploits vulnerabilities in Safari’s WebKit engine — turning ordinary websites into trojan horses. Users don’t need to download anything or click suspicious links. Just visiting an infected site gives attackers complete control.

Security researchers discovered DarkSword after tracking unusual network traffic from compromised devices back to servers in St. Petersburg. The timing is striking. This deployment comes just weeks after new sanctions targeted Russian tech exports.

Kremlin shadows loom large over this operation. DarkSword bears hallmarks of APT29, the hacking group linked to Russia’s Foreign Intelligence Service. Their previous targets included government officials, journalists, and dissidents across Eastern Europe.

By Tuesday evening, cybersecurity firms had identified over 200 websites hosting DarkSword payloads. Most masqueraded as news sites or social media platforms. The infected domains used sophisticated content delivery networks to hide their true origins.

Human costs extend far beyond privacy violations. Compromised iPhones become surveillance devices in Putin’s global intelligence network. Text messages, photos, location data, and encrypted communications all flow back to Moscow servers.

Russian hackers have traditionally focused on Windows systems and Android devices. This shift to iOS signals a new phase in their operations. Apple’s ecosystem — once considered impenetrable — now faces the same threats plaguing other platforms.

Numbers don’t lie here. iOS 18 runs on roughly 400 million active devices worldwide. That’s a staggering figure. Even a one percent infection rate would give Russian intelligence access to millions of phones belonging to Western officials, business leaders, and ordinary citizens.

Apple released an emergency patch within 72 hours of researchers reporting the vulnerability. But damage extends beyond this single exploit. DarkSword proves that Moscow’s hackers have developed capabilities matching those of the NSA or Unit 8200.

Siloviki who control Russia’s intelligence apparatus view cyber warfare as cheaper than conventional military operations. Why launch missiles when you can steal secrets through infected websites? Return on investment makes traditional espionage look quaint.

Yet DarkSword’s discovery also reveals vulnerabilities in Russia’s cyber operations. Sloppy operational security allowed researchers to trace the attacks back to their source. The same arrogance that marks Moscow’s foreign policy infected this digital campaign.

Pipelines from Russian servers to American smartphones run through networks of compromised websites and hijacked content delivery systems. Each infected device becomes another node in Moscow’s global surveillance network. Nobody is saying that publicly.

Still, researchers continue mapping the full scope of this operation. For weeks now, they’ve tracked DarkSword’s spread across continents. The malware adapts to different languages and regional settings — showing Moscow’s global ambitions.

Russian cyber operations now target hundreds of millions of iPhones through sophisticated web-based attacks.

Source: Original Report