Apple sends ‘security message’ to iPhone users at risk of DarkSword spyware attack
Apple has issued an advisory to old iPhone users asking them to update their phone’s software to protect devices against web-based attacks. This comes days after researchers, including from Google, discovered a sophisticated exploit kit called Darksword, capable of stealing personal data from iPhones. In its advisory, Apple says that devices running versions of iOS 15 through iOS 26 are already protected. However, devices with iOS 13 or iOS 14 are at risk. The Cupertino-based company has already released a software update for iOS 15 and iOS 16 on March 11, 2026, to extend protection to older devices that cannot update to the latest version of iOS.
What is DarkSword
Darksword is reportedly a professionally designed, highly sophisticated platform that appears to have been built for future development and shows clear signs of deliberate engineering for maintainability. Security researchers call Darksword an exploit kit that has tools designed to take advantage of vulnerabilities in software, in this case Apple’s iOS.The group behind Darksword is tracked by researchers under the identifier UNC6353 and a definitive attribution remains unclear. Researchers say that there are signs that large language model (LLM) tools – which power AI chatbots – have been used to extend Darksword’s functionality.“This malware is highly sophisticated and appears to be a professionally designed platform enabling rapid development of modules through access to a high level programming language,” Lookout said in a report, adding that “this extra step shows a significant effort put into the development of this malware with thoughts about maintainability, long-term development and extensibility.”
Read Apple’s ‘security message’ to iPhone users
If your iPhone doesn’t have the latest software, update iOS to protect your data.Security researchers recently identified web-based attacks that target out-of-date versions of iOS through malicious web content. For example, if you’re using an older version of iOS and were to click a malicious link or visit a compromised website, the data on your iPhone might be at risk of being stolen.We thoroughly investigated these issues as they were found and released software updates as quickly as possible for the most recent operating system versions to address vulnerabilities and disrupt such attacks.If you have kept your iPhone software up to date, then you are already protected. Keeping your software up to date is the single most important thing you can do to maintain the security of your Apple products, and devices with updated software were not at risk from these reported attacks. Devices with Lockdown Mode enabled are also protected from these specific attacks, even on out-of-date software, but should be updated to the latest iOS version as soon as possible.If your iPhone has an older version of iOS, update to protect your data:Devices with the latest, updated versions of iOS 15 through iOS 26 are already protected. If you have not updated your software recently, update iOS on your iPhone.We released a software update for iOS 15 and iOS 16 on March 11, 2026, to extend protection to older devices that cannot update to the latest version of iOS.Devices with iOS 13 or iOS 14 must update to iOS 15 to receive these protections and will receive an additional alert to install a Critical Security Update in the next few days.Apple Safe Browsing in Safari is on by default and blocks the malicious URL domains identified in these attacks.Note: Users who are unable to update their device can consider enabling Lockdown Mode (if available) to protect against malicious web content and other threats.
