Very shortly after the alert was raised for the exploit kit known as Coruna, mobile device security returns to the spotlight due to an unprecedented threat.
A group of researchers from Google, in collaboration with the mobile security company iVerify and the information technology company Lookout, has identified a new and sophisticated malicious program dubbed Darksword.
Just like its predecessor, this tool focuses on theft of financial data, targeting in particular the credentials and sensitive information contained in the cryptocurrency wallets of the affected users.
Millions of iPhones vulnerable, Google discovers a new malware
The scale of the discovery is far from negligible. Initial analyses indicate that Darksword could potentially compromise hundreds of millions of devices worldwide.
Researchers have already traced targeted campaigns that exploit this malware against specific targets located in Saudi Arabia, Turkey, Malaysia and Ukraine.
The threat infiltrates mainly through outdated operating system versions, specifically iOS iterations between 18.4 and 18.6.2, originally released in 2025.
Although a large portion of users has enabled automatic updates, thus moving to the latest and most secure iOS 26, statistics show a worrying figure: about 270 million iPhones in circulation are still running vulnerable software and are therefore directly exposed to attacks.
Apple’s stance and the countermeasures taken
In light of these details, the Cupertino company has provided timely clarifications. Apple confirmed that intrusions focus almost exclusively on smartphones equipped with now obsolete system versions.
The vulnerabilities exploited by Darksword, in fact, have long been fixed through the multiple updates released over the past years.
The company reiterates that the most effective way to keep the solid defenses integrated into its devices intact remains to regularly install the updates proposed.
Moreover, to curb the spread of the program, the domains identified by Google as harmful have already been blocked through Safari’s Safe Browsing system, thereby preventing consumers from inadvertently accessing dangerous pages.
