Russia-linked hackers are using a powerful iPhone exploit called DarkSword to target Ukrainian users, stealing sensitive data and disappearing without a trace, cybersecurity researchers revealed. (The Record from Recorded Future)

A group of hackers believed to be linked to Russia has deployed a sophisticated iPhone exploit to target individuals in Ukraine, raising fresh concerns about mobile cybersecurity and state-backed surveillance.

According to cybersecurity researchers, the attack uses a tool known as DarkSword, which allows attackers to gain access to iPhones with minimal or no user interaction. Once inside, the malware can quickly extract sensitive information, including personal data, messages, and browsing activity. (The Record from Recorded Future)

Experts say the exploit is particularly dangerous because it operates as a “hit-and-run” attack — stealing data within minutes and then removing traces of the intrusion, making detection extremely difficult. (The Record from Recorded Future)

The campaign has reportedly been active since late 2025 and primarily targets users visiting compromised Ukrainian websites, a tactic known as a “watering hole” attack. (The Record from Recorded Future)

Researchers have linked the activity to a threat actor identified as UNC6353, which has previously used similar exploit chains in cyber-espionage campaigns against Ukrainian targets.

This incident highlights the growing use of advanced mobile spyware in geopolitical conflicts, particularly in the ongoing cyber dimension of the Russia-Ukraine war. Security analysts warn that such tools are becoming more sophisticated, faster, and harder to detect.

Experts strongly advise users to keep their devices updated with the latest security patches and avoid visiting suspicious or unknown websites to reduce the risk of exploitation.

Don’t miss updates! Follow us on Twitter & Facebook. 🔔