Apple responds to DarkSword spyware, the hacker tool targeting iPhones

Numerous reports, including Mashable's own coverage, were published on Wednesday about a new hacker tool called DarkSword that is being used to target iPhones. 

Apple has now shared with Mashable some important information regarding the threat and how the company is addressing it.

According to Apple, the company last year patched the underlying iOS vulnerabilities that the spyware exploited. In addition, Apple also pushed out an emergency software update for iOS 15 and iOS 16 on March 11 meant for older iOS devices that were not able to update to the more recent, patched versions of iOS.

Apple says that any user running iOS 15 through iOS 26 are protected from DarkSword spyware. 

However, users running iOS 13 or iOS 14 need to update to iOS 15 in order for their device to receive these same protections. Apple says users still using these older versions of iOS will receive an alert to install a Critical Security Update within the next few days.

Apple also shared that security researchers confirmed that DarkSword spyware and other similar exploits do not work on devices with Apple’s optional Lockdown Mode protection enabled. In addition, iPhone 17 users were protected from these attacks thanks to the lineup's Memory Integrity Enforcement feature.

On Wednesday, Google, along with cybersecurity firms Lookout and iVerify, published detailed reports about DarkSword, a new hacking toolkit being deployed by bad actors, such as a notorious hacking group with ties to the Russian government. One of DarkSword's most concerning aspects is that the spyware did not require the target to download any malware or other malicious file. DarkSword is deployed by a target simply visiting a compromised website.

According to Apple, Apple Safe Browsing in Safari blocks all known malicious URLs identified by Google.

Apple also provided other general security and safety tips, such as using two-factor authentication for logins, never clicking on unknown links or attachments, and always keeping your devices' software up-to-date.

Apple has also published more information about how it's protecting users from these web-based attacks in a post found on its website.