DarkSword

Technology

Last mentioned: Mar 23, 2026

Timeline

  1. Industry Response

    Cybersecurity firms begin updating threat signatures to detect DarkSword-based spyware deployments.

  2. Mirroring Commences

    The exploit kit is mirrored across Telegram and alternative hosting sites, making total removal impossible.

  3. Initial Leak

    The DarkSword repository is discovered on GitHub, containing functional exploit code for iOS.

  4. Public Reporting

    TechCrunch and Yahoo Tech publish reports detailing the threat to millions of legacy iPhone users.

  5. Mitigation Phase

    Security experts recommend users audit their mobile wallet permissions and update iOS devices.

  6. Industry Warning

    Cybersecurity analysts issue warnings to iOS users regarding mobile wallet security.

  7. Industry Alert

    Security news outlets begin reporting on the specific risks to iOS users.

  8. Malware Flagged

    Google Threat Intelligence officially identifies Ghostblade as a crypto-stealing threat.

  9. Lineage Confirmed

    Researchers link Ghostblade to the established DarkSword malware family.

  10. Initial Discovery

    Google Threat Intelligence flags Ghostblade as a new crypto-stealing threat.

  11. Family Identification

    Researchers link Ghostblade to the existing DarkSword malware lineage.

Stories mentioning DarkSword 3

security Very Bearish

DarkSword Exploit Kit Leaked on GitHub, Threatening Millions of Legacy iPhones

A sophisticated exploit kit dubbed "DarkSword" has been publicly leaked on GitHub, providing cybercriminals with tools to compromise millions of iPhones running older iOS versions. The leak enables the deployment of spyware, highlighting the persistent security risks faced by users on legacy mobile operating systems.

2 sources