You Don’t Need to Update to IOS 26 to Protect Your IPhone From the DarkSword Malware.
Last month, information surfaced about ” DarkSword ,” a malware suite that allows hackers to easily obtain passwords, emails, cryptocurrency wallet data, and more from your iPhone. And you don’t have to do much to put yourself at risk: DarkSword only requires visiting a malicious website, making it particularly dangerous.
It’s not entirely clear what risk DarkSword poses to the average user. The Google Threat Intelligence Group (GTIG) claims to have identified “multiple commercial surveillance software vendors and suspected state actors” using the malware against targets in Saudi Arabia, Turkey, Malaysia, and Ukraine, suggesting the victims were highly targeted. However, the malware kit leaked online last week , theoretically making it much more accessible to the average hacker. While DarkSword-using hackers were previously well-organized and, in some cases, funded by state agencies, it’s possible that hackers targeting ordinary users will now be interested in it—especially given the range of potential targets.
DarkSword affects a lot more iPhones than you might think.
This is another serious problem with DarkSword: a huge number of iPhones are potentially vulnerable. According to GTIG, all iPhones running iOS 26 up to version 26.3 are vulnerable, as are all iPhones running iOS 18 up to version 18.7.3. If you regularly update your iPhone to the latest OS version, you’re fine. But many users don’t, which creates a host of problems. First, these users may not update their iPhones frequently, so they could be running an outdated, vulnerable version without even realizing it. Then there are those who deliberately avoid Apple’s controversial iOS 26 update, even if their iPhones support it. Many users, dissatisfied with Liquid Glass or concerned about performance issues, prefer to stay on iOS 18.
This doesn’t align with Apple’s security philosophy. Typically, if a device is running an older version of iOS that can be updated, Apple will disable security updates until you update to the latest version. For example, an iPhone 16 running iOS 18 received iOS 18.7.3, but not iOS 18.7.7. This means that without updating to the latest version of iOS 26, that iPhone 16 is vulnerable to any new vulnerabilities, including potential DarkSword exploits. An iPhone XS running iOS 18 can update to 18.7.7, but that’s because it can’t update to iOS 26. But an iPhone 16? Update, or you’re out of luck.
All iPhones can now be updated to protect against DarkSword.
Now the company is changing its stance. Apple told Wired that it will release a new security patch on Wednesday for all devices running iOS 18, regardless of whether they can update to iOS 26. This move demonstrates the seriousness of the situation: DarkSword poses a threat not only to iPhone users, but also to a significant number of users who continue to use iOS 18, so Apple feels it is necessary to release patches for them. The company cannot force these users to choose between a specific OS and the latest security updates.
Notably, this is the second time in a month that Apple has had to release such a security enhancement program. In early March, the company released patches for older iPhone models protecting against the “Coruna” exploit kit.
Apple typically releases updates around 10:00 AM Pacific Time (1:00 PM Eastern Time), so expect this update around that time. If you have automatic updates enabled, you won’t need to do anything to update, but if you want to install it as soon as possible, you’ll need to go to Settings > General > Software Update to download the update manually.