Download iOS 18 Patch to Block DarkSword Hack

Apple has released a security backport for iOS 18 to protect millions of users from a new hacking tool known as “DarkSword.” As noted by Wired, this emergency patch acknowledges that a significant portion of the iPhone community is still holding onto last year’s software.

DarkSword is a full-chain exploit kit first identified by the Google Threat Intelligence Group (GTIG) alongside security firms Lookout and iVerify. Unlike traditional malware that requires a user to download a suspicious file or click an “Allow” prompt, DarkSword is a “one-click” or “drive-by” attack. This means a device can be compromised simply by visiting a legitimate website that hackers have tampered with.

Once a user lands on an infected page, the toolkit uses six different vulnerabilities in Safari and the iOS kernel to bypass security and install data-stealing malware. Security researchers have tracked this tool back to November 2025, noting its use by various actors, including suspected state-sponsored groups in Russia and commercial surveillance vendors in Turkey.

What makes DarkSword particularly dangerous is its efficiency. Experts describe it as a “hit-and-run” attack. Once it gains access, the malware scans the phone for high-value data, including Wi-Fi passwords, iMessage history, contacts, and location data.

There is also a heavy focus on financial theft. The tool specifically targets cryptocurrency wallet apps and exchange credentials. After exfiltrating the data, which often takes only a few minutes, the malware deletes its own files and exits, leaving very little evidence behind for the average user to find.

Typically, Apple patches older versions of iOS only for devices that are physically incapable of running the newest software. However, recent data suggests that roughly 25% of iPhone users have stayed on iOS 18. Some users are simply slow to update, while others have avoided iOS 26 to keep the older user interface rather than switching to the new Liquid Glass design.

By releasing this rare backport, Apple is ensuring that these users remain safe without forcing a total system overhaul. The patch specifically targets the vulnerabilities used by DarkSword, effectively breaking the exploit’s ability to function on iOS 18.7.6 and above.