Reports: Uncovered a sophisticated iPhone spyware campaign embedded in dozens of websites
Researchers have reportedly uncovered a sophisticated iPhone spyware campaign embedded in dozens of websites, potentially affecting hundreds of millions of devices.
A sophisticated software exploit capable of breaching and extracting data from potentially hundreds of millions of Apple iPhones was recently embedded across dozens of websites in Ukraine, researchers said on Wednesday, according to Reuters.
The finding marks the second instance this month of researchers uncovering spyware aimed at iPhones and other Apple devices.
“There’s now a verified pipeline of recent exploits … that have ended up in the hands of potentially criminal entities with a financial focus,” Justin Albrecht, principal researcher with Lookout, told Reuters.
Google said its researchers observed multiple commercial vendors and suspected state-linked hackers deploying Darksword in separate campaigns targeting users in Saudi Arabia, Turkey, Malaysia and Ukraine.
The operations in Malaysia and Turkey were linked to Turkish commercial surveillance firm PARS Defense, Google said. PARS Defense did not respond to a request for comment.
Researchers at iVerify and Lookout said the malware was delivered to iPhone users running iOS versions 18.4 through 18.6.2 who visited dozens of compromised Ukrainian websites. Apple released those versions between March and August 2025.
Researchers said it remains unclear how many iPhones are vulnerable to Darksword.
Apple has issued multiple patches for the underlying flaws exploited by the spyware, but many users have yet to update their devices.
