Google Warns: "DarkSword" iPhone Exploit Stealing Crypto Wallets and Personal Data

Google just revealed a dangerous new iPhone exploit called "DarkSword" that can steal your crypto wallets, passwords and private data.

This is the second major iOS attack discovered this month.

Who is at risk?
iPhones running iOS 18.4 to 18.7. Around 270 million devices could be vulnerable.

What can DarkSword steal?
→ Crypto wallet data and seed phrases
→ Saved passwords
→ Telegram, WhatsApp and iMessage chats
→ Photos and location history
→ Even record audio from your microphone

How does it work?
You visit a fake or compromised website. Hidden code silently exploits your iPhone using 6 vulnerabilities including 3 zero-days. No clicks needed. No warnings shown. Full device takeover happens in the background.

Who is Behind it?
Google linked DarkSword to Russian espionage group UNC6353, Turkish surveillance vendor PARS Defense and another threat cluster UNC6748. Targets include users in Ukraine, Saudi Arabia, Turkey and Malaysia.

Researchers also confirmed attackers are specifically hunting for crypto wallet apps, seed phrases and financial data.

How to stay safe:
✅ Update to iOS 26.3 immediately
✅ Enable Apple Lockdown Mode
✅ Never store seed phrases on your phone
✅ Avoid suspicious crypto and social media websites
✅ Use a hardware wallet for significant holdings

Apple has patched all 6 vulnerabilities. If your iPhone is updated, you are protected.

Don't delay your update. One visit to the wrong website could drain your entire wallet.

Source: Google Threat Intelligence Group, March 2026