Two iPhone Exploit Kits Mean You Should Update iOS Now

ByMike Moffit

The discovery of two sophisticated iPhone exploit kits—DarkSword and Coruna—within weeks of each other signals a troubling shift. Unlike previous spyware attacks that targeted high-profile users, these exploit kits have been deployed via compromised legitimate websites, so anyone who visits an infected site could fall victim, with no additional clicks or downloads required. This suggests that exploit brokers are now selling tools to multiple buyers, including financially motivated hacking organizations.

Making matters worse, the complete DarkSword exploit code was published to GitHub, making it easy for any hacker to deploy. Security researchers warn that the exploits “will work out of the box” with no iOS expertise required—anyone could copy and paste the code and have it running on a server within hours.

Because it ultimately operates with elevated system privileges, DarkSword can silently harvest alarming amounts of data from vulnerable iPhones, including passwords stored in the keychain, photos, call logs, contacts, browsing history, chat message history, and more. It takes a smash-and-grab approach: collecting and exfiltrating data quickly, then disengaging. Coruna is more targeted and persistent, focusing on stealing cryptocurrency wallet credentials and scanning notes for financial information.

Protection Is Simple

Happily, it’s easy to protect yourself against these and future vulnerabilities: keep your devices up to date. We’ve been beating that drum for years, but DarkSword and Coruna are sufficiently worrying that Apple published a dedicated support page urging users to update, saying: “Keeping your software up to date is the single most important thing you can do to maintain the security of your Apple products.”

If your iPhone is running the latest version of iOS it supports, you’re already protected. But if you’ve been putting off updates—or are still running an earlier version of iOS 18 to avoid iOS 26’s Liquid Glass interface redesign—your iPhone may be vulnerable. Happily, Apple has taken the unprecedented step of releasing an update to an older operating system—iOS 18.7.7—to protect users who don’t wish to upgrade to iOS 26. (You may have to scroll down in the Software Update screen to find it under Also Available.)

Check and Update Your Device

To check your iOS version, go to Settings > General > About and look at the iOS Version line.

DarkSword targets iPhones running iOS 18.4 through iOS 18.7.2. If you’re running iOS 18.7.3 or later, or have upgraded to iOS 26.3 or later, you’re protected. Although none of the DarkSword security reports specifically mention the iPad, it’s best to assume that the corresponding versions of iPadOS are similarly affected.

Coruna can compromise older iPhones and iPads running iOS 13.0 through iOS 17.2.1. Apple recently released iOS 15.8.7 and iOS 16.7.15 to address these vulnerabilities on devices that cannot run newer iOS versions. Devices running iOS 13 or iOS 14 must be upgraded to iOS 15.8.7. Devices running a vulnerable version of iOS 17 should update to the latest version of iOS their device supports.

You can update using Settings > General > Software Update to the latest version of iOS your device supports:

  • iPhone 11 and later (and other devices that support iOS 26): Update to either iOS 18.7.7 or iOS 26.4 or later.
  • iPhone XR, XS, and XS Max: Update to iOS 18.7.7, the latest version these devices support, which includes the DarkSword fixes.
  • Older devices that can’t run iOS 18 (iPhone 6s through iPhone X, plus various older iPads and 7th-generation iPod touch): Update to iOS 15.8.7 or iOS 16.7.15, depending on your device. Devices still running iOS 13 or 14 will need to upgrade to iOS 15.8.7.

If you cannot upgrade for some reason, Apple says that enabling Lockdown Mode in Settings > Privacy & Security > Lockdown Mode in iOS 16 and later will block DarkSword attacks. However, Lockdown Mode significantly degrades the iPhone experience by blocking most message attachment types, disabling certain Web technologies, limiting incoming FaceTime calls, and more. For most people, upgrading to the most recent version of iOS available is the better option.

These discoveries make it clear that installing security updates promptly is more important than ever. Sophisticated exploits that were once reserved for targeted attacks against activists and journalists are now being deployed more broadly. Check your iOS version today, update all your devices, and encourage family members and colleagues to do the same.

(Featured image by iStock.com/sqback)

Social Media: Two major iPhone exploit kits—DarkSword and Coruna—can steal passwords, messages, and photos from everyday users who visit an infected website. Check your iOS version and update immediately to protect yourself.

Similar Posts

  • Errata

    Last week a typo slipped by our proofers. Command+M is not open a new document but that command is Command+N. Sorry about that. To make up for it here are a couple more keyboard combinations you might find handy:

    **Command-Option-Esc** – If an app stops responding, you might need to force it to quit. You can do that with a right click on the app icon in the dock, but it’s even easier if you hit this keyboard shortcut. This will bring up the Force Quit dialog, which you can then use to make that non-responsive app quit. You might need to Command-Tab you way out of an active frozen app first, though, or use **Command+Shift+Option+Esc** to quit the currently active app.

    **Command-Option-P and R** – Here’s one that might challenge your fingers dexterity. Fortunately, you will hardly ever have to use it but it is used to reset your non-volatile random access memory (NVRAM). Information stored in NVRAM can include speaker volume, screen resolution, start-up disk selection and recent kernel panic information. If you are asked to reset your P-Ram or NVRAM here’s how you do it.

    1) Shut down your Mac
    2) Turn on your Mac
    3) Immediately after you hear the start up sound, hold down the command, option, P and R keys
    4) Hold those keys down until you hear the start up sound again and then release them.

  • _Dear Friends,_

    New data from Piper Jaffray’s teen survey show that Apple is dominating that market at least as far as mobile devices are concerned. They have 71% of the teen market for smart watches and almost 70% for iPhones and 64% for iPad. Another survey has Apple Mac sales showing positive growth while literally the entire PC market is in decline.

    I have been playing around with Amazon’s Echo and I have to say that I like it a lot. I wake up each morning and say “Alexa, what’s new?” and I get the news reports from NPR, CNN, Huffington Post and BBC as well as ESPN Sports and the local weather report. During the day, I ask Alexa to “play the blues” or “play some classical music” and while the speaker is not as good as my Sonos system it does fill the room. I can be around the corner or across the room and the Echo can hear me. Apple needs to step it up a bit and get Siri on the Mac or even better yet, integrated into their networking gear. I would love to be able to tell my Sonos app to play my music from my iTunes library!

    Speaking of networking here’s a Kibbles & Bytes exclusive! This isn’t for everyone but if you have a big house and your Wi-Fi signal isn’t reaching that far corner of the house this could solve three problems for you! I am bundling the Apple Factory Refurbished 3TB Time Capsule with an Apple Factory Refurbished Airport Express. Both have the same 1-year Apple warranty as new but you can save some bucks. The 3TB Time Capsule gives you the Airport Extreme wireless access point and automatic wireless back-ups to the integrated 3 terabyte drive. The Airport Express allows you to extend that wireless network. Normally “**this bundle**”:http://www.smalldog.com/wag900002195/extend-your-network-and-back-up-your-data-for-only-325-99? is around $500 new, but this week for Kibbles & Bytes readers, while supplies last you can buy this refurbished bundle for only “**$325.99!**”:http://www.smalldog.com/wag900002195/extend-your-network-and-back-up-your-data-for-only-325-99?