Apple iOS Malware Targets Crypto Apps on Unpatched iPhones: Google

March 20, 2026
11:51 am

Apple iOS Malware Targets Crypto Apps on Unpatched iPhones: Google

In brief

Google researchers have identified an iOS exploit chain called DarkSword that works against iPhones running iOS versions 18.4 through 18.7.
The exploit can be used to deliver Ghostblade malware that specifically targets crypto exchange and wallet apps.
Campaigns using DarkSword have been observed in Saudi Arabia, Turkey, Malaysia, and Ukraine, with some attacks compromising government websites.

Google researchers have identified an iOS exploit chain being used in the wild that can be used to deliver malware that specifically targets cryptocurrency apps on vulnerable iPhones.

The exploit, dubbed DarkSword, leverages six vulnerabilities to deploy malware on devices running iOS versions 18.4 through 18.7, according to the research.