Two iPhone Exploit Kits Mean You Should Update iOS Now

The discovery of two sophisticated iPhone exploit kits—DarkSword and Coruna—within weeks of each other signals a troubling shift. Unlike previous spyware attacks that targeted high-profile users, these exploit kits have been deployed via compromised legitimate websites, so anyone who visits an infected site could fall victim, with no additional clicks or downloads required. This suggests that exploit brokers are now selling tools to multiple buyers, including financially motivated hacking organizations.

Making matters worse, the complete DarkSword exploit code was published to GitHub, making it easy for any hacker to deploy. Security researchers warn that the exploits “will work out of the box” with no iOS expertise required—anyone could copy and paste the code and have it running on a server within hours.

Because it ultimately operates with elevated system privileges, DarkSword can silently harvest alarming amounts of data from vulnerable iPhones, including passwords stored in the keychain, photos, call logs, contacts, browsing history, chat message history, and more. It takes a smash-and-grab approach: collecting and exfiltrating data quickly, then disengaging. Coruna is more targeted and persistent, focusing on stealing cryptocurrency wallet credentials and scanning notes for financial information.

Protection Is Simple

Happily, it’s easy to protect yourself against these and future vulnerabilities: keep your devices up to date. We’ve been beating that drum for years, but DarkSword and Coruna are sufficiently worrying that Apple published a dedicated support page urging users to update, saying: “Keeping your software up to date is the single most important thing you can do to maintain the security of your Apple products.”

If your iPhone is running the latest version of iOS it supports, you’re already protected. But if you’ve been putting off updates—or are still running an earlier version of iOS 18 to avoid iOS 26’s Liquid Glass interface redesign—your iPhone may be vulnerable. Happily, Apple has taken the unprecedented step of releasing an update to an older operating system—iOS 18.7.7—to protect users who don’t wish to upgrade to iOS 26. (You may have to scroll down in the Software Update screen to find it under Also Available.)

Check and Update Your Device

To check your iOS version, go to Settings > General > About and look at the iOS Version line.

DarkSword targets iPhones running iOS 18.4 through iOS 18.7.2. If you’re running iOS 18.7.3 or later, or have upgraded to iOS 26.3 or later, you’re protected. Although none of the DarkSword security reports specifically mention the iPad, it’s best to assume that the corresponding versions of iPadOS are similarly affected.

Coruna can compromise older iPhones and iPads running iOS 13.0 through iOS 17.2.1. Apple recently released iOS 15.8.7 and iOS 16.7.15 to address these vulnerabilities on devices that cannot run newer iOS versions. Devices running iOS 13 or iOS 14 must be upgraded to iOS 15.8.7. Devices running a vulnerable version of iOS 17 should update to the latest version of iOS their device supports.

You can update using Settings > General > Software Update to the latest version of iOS your device supports:

  • iPhone 11 and later (and other devices that support iOS 26): Update to either iOS 18.7.7 or iOS 26.4 or later.
  • iPhone XR, XS, and XS Max: Update to iOS 18.7.7, the latest version these devices support, which includes the DarkSword fixes.
  • Older devices that can’t run iOS 18 (iPhone 6s through iPhone X, plus various older iPads and 7th-generation iPod touch): Update to iOS 15.8.7 or iOS 16.7.15, depending on your device. Devices still running iOS 13 or 14 will need to upgrade to iOS 15.8.7.

If you cannot upgrade for some reason, Apple says that enabling Lockdown Mode in Settings > Privacy & Security > Lockdown Mode in iOS 16 and later will block DarkSword attacks. However, Lockdown Mode significantly degrades the iPhone experience by blocking most message attachment types, disabling certain Web technologies, limiting incoming FaceTime calls, and more. For most people, upgrading to the most recent version of iOS available is the better option.

These discoveries make it clear that installing security updates promptly is more important than ever. Sophisticated exploits that were once reserved for targeted attacks against activists and journalists are now being deployed more broadly. Check your iOS version today, update all your devices, and encourage family members and colleagues to do the same.

(Featured image by iStock.com/sqback)


Social Media: Two major iPhone exploit kits—DarkSword and Coruna—can steal passwords, messages, and photos from everyday users who visit an infected website. Check your iOS version and update immediately to protect yourself.

Similar Posts

  • Expand your mind…er..text

    Speed Up Your Fingers with Text Expansion

    With all the advances in computing and communications, it’s amazing that–after nearly 150 years!–we still use the keyboard layout from the world’s first practical typewriter for entering text into our Macs, iPhones, and iPads. Sure there are some improving dictation solutions out there but typing is by far how we input text. But we have not gotten that much better as typists, nor do we enjoy typing more–if anything, we increasingly abbreviate to avoid typing, hence “LOL, BRB, etc.” Text messaging aside, wouldn’t it be nice to be able to type less without compromising meaning or making your text look like it was composed by a trained monkey? Thanks to text expansion features built into OS X and iOS, and extended with third-party utilities, you can.

    For basic text expansion capabilities in OS X, look in System Preferences > Keyboard > Text, and in iOS 9, go to Settings > General > Keyboard > Text Replacement. For both, you can enter a phrase, and a shortcut that expands into that phrase when typed and followed by a space or punctuation character. (Tip: If text expansion doesn’t work in a Mac app like Mail or Safari, make sure Edit > Substitutions > Text Replacement is selected.)

    If you’re signed into the same iCloud account on both your Mac and your iPhone, for instance, the text expansions sync between them automatically. So, you can type “smh” and tap the Space bar to get “Shaking my head!” typed out for you, regardless of what device you’re using. (Another tip: don’t create abbreviations that you will also want to type normally. It might seem like a good idea to use “np” for “No Problem,” but that will get in the way of talking about Nurse Practitioners.)

    With such a useful feature built into OS X and iOS, why would you want to spend money on a third-party utility, like “**TextExpander**”:https://smilesoftware.com/textexpander (Mac and iOS), “**Typinator**”:http://www.ergonis.com/products/typinator/ (Mac), or “**TypeIt4Me**”:http://www.ettoresoftware.com/products/typeit4me/. Unfortunately, OS X’s text expansion feature doesn’t work in all apps (it likely won’t work if the app lacks the Edit > Substitutions > Text Replacement menu command). The interface for creating new substitutions is cramped and hard to work with, you can’t configure the trigger characters that cause abbreviations to expand, and you can’t include text with styles, variable text like the date, or even graphics.

    That’s where text expansion utilities shine. They can include styled text and graphics in expansions, insert the current date and time, respect case when expanding abbreviations, include the contents of the clipboard in expanded text, automatically fix common typos, create fill-in-the-blanks snippets that you customize on each expansion, and much more.

    Here are some ideas for the kinds of things you might want to turn over to your computer for typing:
    Long or complex words or phrases, such as scientific names. Aedes aegypti, anyone?

    *Your address, phone number, and email address. One of my favorites is “@d” which inserts my email address. I get real tired of typing email address, phone numbers, etc. Text expansion speeds that up!

    *Boilerplate text for common email replies.

    *The current date and/or time.

    *Special characters, so blb could expand to the British pound symbol £.

    *Unix commands for Terminal, such as using ssh to log in to a remote computer.

    I am sure you can come up with dozens that might work for you and speed up your typing. So think about what bit of text you might want expand automatically and give text expansion a try today!