Restarting your iPhone is usually the first step in troubleshooting a glitchy app, but for the victims of DarkSword, it’s the only way to delete the evidence of a total device compromise.

A sophisticated new zero-click spyware exploit chain, dubbed DarkSword, has been observed targeting millions of iPhones running iOS versions 18.4 through 18.7. Discovered by the Google Threat Intelligence Group (GTIG) in collaboration with Lookout and iVerify, the malware is notable not just for its technical complexity, but for its “hit-and-run” tactical shift that makes traditional digital forensics almost impossible.

The Zero-Click Nightmare

Unlike traditional phishing attacks that require a user to click a suspicious link or download a malicious attachment, DarkSword is a zero-click exploit. A victim’s device can be fully compromised simply by visiting a compromised “watering-hole” website.

The exploit chain, written entirely in JavaScript, leverages six different vulnerabilities to achieve kernel-level privileges. This allows the attacker to bypass Apple’s most stringent security layers, including the sandbox and Pointer Authentication Codes (PAC).

The Technical Chain of Command

The DarkSword exploit kit is a masterclass in chaining disparate bugs into a unified weapon. It targets specific vulnerabilities across different iOS versions:

  • Remote Code Execution (RCE): The entry point often involves a JavaScriptCore JIT optimization bug (CVE-2025-31277) for older 18.x versions or a garbage collection bug (CVE-2025-43529) for iOS 18.6-18.7.
  • Sandbox Escape: The exploit then pivots to the GPU process via an out-of-bounds write in ANGLE (CVE-2025-14174). From there, it moves into the mediaplaybackd daemon.
  • Privilege Escalation: Finally, a copy-on-write bug in the XNU kernel (CVE-2025-43510) and a kernel memory corruption flaw (CVE-2025-43520) provide the “keys to the kingdom”—arbitrary memory read/write primitives and full kernel control.

GHOSTBLADE and the Data Heist

Once the exploit chain completes, DarkSword deploys one of three malware families: GHOSTBLADE, GHOSTKNIFE, or GHOSTSABER.

These payloads are designed for total information exfiltration. Within minutes of infection, the spyware can strip a device of:

  • Passwords and Keychain data
  • WhatsApp and Telegram messages (including encrypted chats)
  • Photos, contacts, and call history
  • Apple Health data and cryptocurrency wallets
  • Browser cookies and Wi-Fi passwords

The “Hit-and-Run” Tactic

The most alarming aspect of DarkSword is its ephemeral nature. Most spyware, like Pegasus, aims for long-term persistence to monitor a target over months. DarkSword takes the opposite approach.

It is designed to get in, take everything, and get out. After exfiltrating the targeted data, the spyware cleans up its own files on the filesystem and exits. Because it resides primarily in memory, a simple restart of the device wipes almost all traces of the infection. While this sounds like a “fix,” it actually serves the attacker by destroying the forensic trail that security researchers use to track state-sponsored actors.

This shift in strategy highlights why AI coding agents need guardrails, not more autonomy: as exploit kits become more automated (with evidence suggesting some of DarkSword’s server-side code was LLM-generated), the speed of attack is beginning to outpace the speed of human defense.

Who is Behind DarkSword?

Evidence points toward multiple commercial surveillance vendors and state-sponsored groups. One Russian-aligned APT group, known as UNC6353, has been linked to the infrastructure. Targets have been identified in Saudi Arabia, Turkey, Malaysia, and Ukraine, suggesting the tool is being used for both domestic surveillance and international espionage.

The presence of AI-generated code in the exploit kit is a chilling reminder of how the barrier to entry for high-end cyber warfare is dropping. When AI hallucinates, it’s usually a nuisance; when it’s used to optimize a kernel exploit, it’s a global security crisis.

How to Protect Your iPhone

If you are running any version of iOS between 18.4 and 18.7, you are at risk.

  1. Update Immediately: Apple has addressed these vulnerabilities in iOS 26.3 (and 18.7.6 for older devices). Go to Settings > General > Software Update and install the latest version now.
  2. Enable Lockdown Mode: If you are a high-risk individual (journalist, activist, or government official), enable Lockdown Mode. It significantly reduces the attack surface for zero-click exploits.
  3. Periodic Restarts: While a restart won’t prevent the initial theft, it will clear the active malware from the device’s memory if you’ve already been targeted.
  4. Verify Your Version: Check if you are among the estimated 25% of users still running vulnerable 18.x versions.
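For anyone responsible for more than one device, step 4 is easier to do against an MDM inventory export than phone by phone. The script below is an added example, not code from the article or from Google, Lookout or iVerify: it parses a version string into a comparable tuple and classifies each device using only the ranges the article states (18.4 up to but not including 18.7.6 as affected; 18.7.6 and 26.3 as fixed). Anything outside those ranges, for example 18.3.x or a 19–26.2 build, is reported as "unknown" rather than guessed. The CSV inventory, device names and the `lockdown_mode` column are constructed sample data and an assumed export format.

```python
"""Fleet triage for the iOS range the DarkSword write-up names.

Added example, not from the article. Assumptions (labelled):
  - affected: 18.4 <= version < 18.7.6 (article: "18.4 through 18.7", fixed in 18.7.6)
  - patched:  18.7.6 <= version < 19, or version >= 26.3 (article: fixed in 26.3)
  - anything else is "unknown" because the article does not state it either way.
The CSV below is constructed sample data in an assumed MDM export layout.
"""
import csv
import io

AFFECTED_MIN = (18, 4, 0)   # first affected release named in the article
PATCH_18 = (18, 7, 6)       # fix for devices staying on 18.x
PATCH_26 = (26, 3, 0)       # fix on the current major release
NEXT_MAJOR_AFTER_18 = (19, 0, 0)

# Constructed inventory; names and the lockdown_mode column are assumptions.
SAMPLE_INVENTORY = """\
device_name,os_version,lockdown_mode
journalist-phone-01,18.6.2,false
exec-phone-02,18.7.6,false
ops-phone-03,26.3,true
field-phone-04,18.3.1,false
intern-phone-05,18.7,true
"""


def parse_version(text):
    """Turn '18.7' or '18.6.2' into a 3-tuple so versions compare numerically.

    Padding with zeros makes '18.7' equal to '18.7.0', which is what Apple's
    numbering means; a string with non-numeric parts is rejected outright.
    """
    parts = text.strip().split(".")
    if not 1 <= len(parts) <= 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised iOS version string: {text!r}")
    nums = [int(p) for p in parts] + [0] * (3 - len(parts))
    return tuple(nums)


def classify(version_text):
    """Return 'affected', 'patched' or 'unknown' per the ranges in the article."""
    v = parse_version(version_text)
    if AFFECTED_MIN <= v < PATCH_18:
        return "affected"
    if PATCH_18 <= v < NEXT_MAJOR_AFTER_18 or v >= PATCH_26:
        return "patched"
    return "unknown"


def triage(csv_text):
    """Classify every row and order the result by how urgently it needs attention.

    Priority 1: affected and no Lockdown Mode (largest zero-click attack surface)
    Priority 2: affected but Lockdown Mode already on
    Priority 3: version outside the ranges the article states; check Apple's advisory
    Priority 4: patched
    """
    report = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        status = classify(row["os_version"])
        lockdown = row["lockdown_mode"].strip().lower() == "true"
        if status == "affected":
            priority = 2 if lockdown else 1
        elif status == "unknown":
            priority = 3
        else:
            priority = 4
        report.append({
            "device_name": row["device_name"],
            "os_version": row["os_version"],
            "status": status,
            "lockdown_mode": lockdown,
            "priority": priority,
        })
    report.sort(key=lambda r: (r["priority"], r["device_name"]))
    return report


def devices_needing_update(csv_text):
    """Names of devices still inside the affected range, most urgent first."""
    return [r["device_name"] for r in triage(csv_text) if r["status"] == "affected"]


if __name__ == "__main__":
    for r in triage(SAMPLE_INVENTORY):
        flag = "lockdown on" if r["lockdown_mode"] else "lockdown OFF"
        print(f'P{r["priority"]} {r["device_name"]:20} {r["os_version"]:8} {r["status"]:9} {flag}')
```

Run it as-is to see the constructed inventory ranked; to use it on a real export, replace `SAMPLE_INVENTORY` with the file contents and adjust the column names to whatever your MDM emits. The deliberate "unknown" bucket is the point of the design: a version comparison that silently treats every unlisted build as safe would hide exactly the devices you most need to look up.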

DarkSword represents a new era of mobile threats—faster, more automated, and harder to detect. The “Sword” is out of the scabbard; make sure your software is updated before it finds a target.