Two iPhone Exploit Kits Mean You Should Update iOS Now

ByMike Moffit

The discovery of two sophisticated iPhone exploit kits—DarkSword and Coruna—within weeks of each other signals a troubling shift. Unlike previous spyware attacks that targeted high-profile users, these exploit kits have been deployed via compromised legitimate websites, so anyone who visits an infected site could fall victim, with no additional clicks or downloads required. This suggests that exploit brokers are now selling tools to multiple buyers, including financially motivated hacking organizations.

Making matters worse, the complete DarkSword exploit code was published to GitHub, making it easy for any hacker to deploy. Security researchers warn that the exploits “will work out of the box” with no iOS expertise required—anyone could copy and paste the code and have it running on a server within hours.

Because it ultimately operates with elevated system privileges, DarkSword can silently harvest alarming amounts of data from vulnerable iPhones, including passwords stored in the keychain, photos, call logs, contacts, browsing history, chat message history, and more. It takes a smash-and-grab approach: collecting and exfiltrating data quickly, then disengaging. Coruna is more targeted and persistent, focusing on stealing cryptocurrency wallet credentials and scanning notes for financial information.

Protection Is Simple

Happily, it’s easy to protect yourself against these and future vulnerabilities: keep your devices up to date. We’ve been beating that drum for years, but DarkSword and Coruna are sufficiently worrying that Apple published a dedicated support page urging users to update, saying: “Keeping your software up to date is the single most important thing you can do to maintain the security of your Apple products.”

If your iPhone is running the latest version of iOS it supports, you’re already protected. But if you’ve been putting off updates—or are still running an earlier version of iOS 18 to avoid iOS 26’s Liquid Glass interface redesign—your iPhone may be vulnerable. Happily, Apple has taken the unprecedented step of releasing an update to an older operating system—iOS 18.7.7—to protect users who don’t wish to upgrade to iOS 26. (You may have to scroll down in the Software Update screen to find it under Also Available.)

Check and Update Your Device

To check your iOS version, go to Settings > General > About and look at the iOS Version line.

DarkSword targets iPhones running iOS 18.4 through iOS 18.7.2. If you’re running iOS 18.7.3 or later, or have upgraded to iOS 26.3 or later, you’re protected. Although none of the DarkSword security reports specifically mention the iPad, it’s best to assume that the corresponding versions of iPadOS are similarly affected.

Coruna can compromise older iPhones and iPads running iOS 13.0 through iOS 17.2.1. Apple recently released iOS 15.8.7 and iOS 16.7.15 to address these vulnerabilities on devices that cannot run newer iOS versions. Devices running iOS 13 or iOS 14 must be upgraded to iOS 15.8.7. Devices running a vulnerable version of iOS 17 should update to the latest version of iOS their device supports.

You can update using Settings > General > Software Update to the latest version of iOS your device supports:

  • iPhone 11 and later (and other devices that support iOS 26): Update to either iOS 18.7.7 or iOS 26.4 or later.
  • iPhone XR, XS, and XS Max: Update to iOS 18.7.7, the latest version these devices support, which includes the DarkSword fixes.
  • Older devices that can’t run iOS 18 (iPhone 6s through iPhone X, plus various older iPads and 7th-generation iPod touch): Update to iOS 15.8.7 or iOS 16.7.15, depending on your device. Devices still running iOS 13 or 14 will need to upgrade to iOS 15.8.7.

If you cannot upgrade for some reason, Apple says that enabling Lockdown Mode in Settings > Privacy & Security > Lockdown Mode in iOS 16 and later will block DarkSword attacks. However, Lockdown Mode significantly degrades the iPhone experience by blocking most message attachment types, disabling certain Web technologies, limiting incoming FaceTime calls, and more. For most people, upgrading to the most recent version of iOS available is the better option.

These discoveries make it clear that installing security updates promptly is more important than ever. Sophisticated exploits that were once reserved for targeted attacks against activists and journalists are now being deployed more broadly. Check your iOS version today, update all your devices, and encourage family members and colleagues to do the same.

(Featured image by iStock.com/sqback)

Social Media: Two major iPhone exploit kits—DarkSword and Coruna—can steal passwords, messages, and photos from everyday users who visit an infected website. Check your iOS version and update immediately to protect yourself.

Similar Posts

  • _Dear Friends,_

    Don’s making the voyage home this week from Key West back to the Green Mountains. He’s in for a bit of a shock when he gets back. Mother Nature seems to have gotten a bit confused this week. I mentioned in the fall that I was taking a new stance on winter and was going to embrace it this year and I truly did my best though we didn’t see much snow. But when we get a snow in late April, I choose to just ignore it. I didn’t bother to shovel off my deck and I left the hose to water my horses just thrown on the ground. In the end both these decisions only made my life harder. I had to lug water buckets for my horses as my hose was not only frozen to the ground, but frozen itself because I didn’t take the time to drain the water out of it. All the slush and snow I ignored on my deck was a sprained ankle waiting to happen and my screen door only opened halfway once everything froze back up. Well, let’s just hope this was finally the last of it and spring will finally show up for real. It always looks a little funny when the trees are starting to bud and there is still snow on the ground.

    The snow this week was a bit of a shock to many of us, and so was the latest financial report from Apple. For the first time in 13 years, Apple’s financial report showed lower than expected sales figures. iPhone sales showed their first decline since their release and iPad sales have been sluggish for several quarters now, but we’ll have more on this later in Kibbles.

    This week’s Kibbles & Bytes exclusive is perfect for the on-the-run Mom on your list or anyone who is on the go and trying to fit time in for themselves between home and the office. This week only, save $40 on this perfect on-the-run bundle. Get the OutDoor Tech Kodiak mini, the BlueAnt Pump Mini headphones and the Belkin Slim-Fit Plus armband for “**$99.97**.”:http://www.smalldog.com/wag900002212 This bundle is perfect for ensuring the mom who does it all can keep can keep her phone going to capture those special moments or squeeze in an important call during her workout.