
Double-edged threat.
From Research Saturday by N2K Networks
May 2, 2026 · 31 min · Season 10 · Episode 423
About this episode
The episode discusses a sophisticated iOS exploit chain called DarkSword that threatens iOS users, particularly in Ukraine.
Today we are joined by Justin Albrecht, Principal Researcher at Lookout, discussing "Attackers Wielding DarkSword Threaten iOS Users." DarkSword is a highly sophisticated iOS exploit chain discovered by Lookout that targets iPhones (iOS 18.4–18.6.2), enabling near zero-click compromise and rapid theft of sensitive data, including credentials and cryptocurrency wallet information. Likely deployed by a Russia-linked threat actor (UNC6353) against Ukrainian users, it uses watering hole attacks on compromised websites and operates in a “hit-and-run” fashion—exfiltrating data within minutes before wiping traces. The campaign highlights a growing secondary market for advanced exploits, allowing financially motivated groups to access powerful tools once reserved for state actors, significantly expanding the mobile threat landscape. The research and executive brief can be found here: Attackers Wielding DarkSword Threaten iOS Users Learn more about your ad choices. Visit megaphone.fm/adchoices
People in this episode
Guest: Justin Albrecht
Topics covered
- iOS security
- cyber threats
- data theft
- exploit chains
- mobile security
- cyber warfare
Keywords
- DarkSword
- iOS exploit
- cybersecurity
- data exfiltration
- threat actors
- mobile threats
- watering hole attacks
Mentioned in this episode
Organizations: Lookout, UNC6353
Products: iOS
Places: Ukraine
More episodes of Research Saturday
- The skills pay the bills. · May 30, 2026 · 24 min
- Ghosted by Grafana · May 23, 2026 · 26 min
- Scam papers served. · May 16, 2026 · 27 min
- The spy who logged me in. · May 9, 2026 · 24 min
- A QRazy clever scam. · April 25, 2026 · 19 min
- A new breed of RAT. · April 18, 2026 · 22 min
Explore listener stats, chart rankings, contacts and more on the Research Saturday podcast page.