Double-edged threat.

Double-edged threat.

From Research Saturday by N2K Networks

May 2, 2026 · 31 min · Season 10 · Episode 423

About this episode

The episode discusses a sophisticated iOS exploit chain called DarkSword that threatens iOS users, particularly in Ukraine.

Today we are joined by Justin Albrecht, Principal Researcher at Lookout, discussing "Attackers Wielding DarkSword Threaten iOS Users." DarkSword is a highly sophisticated iOS exploit chain discovered by Lookout that targets iPhones (iOS 18.4–18.6.2), enabling near zero-click compromise and rapid theft of sensitive data, including credentials and cryptocurrency wallet information. Likely deployed by a Russia-linked threat actor (UNC6353) against Ukrainian users, it uses watering hole attacks on compromised websites and operates in a “hit-and-run” fashion—exfiltrating data within minutes before wiping traces. The campaign highlights a growing secondary market for advanced exploits, allowing financially motivated groups to access powerful tools once reserved for state actors, significantly expanding the mobile threat landscape. The research and executive brief can be found here: ⁠Attackers Wielding DarkSword Threaten iOS Users Learn more about your ad choices. Visit megaphone.fm/adchoices

People in this episode

Guest: Justin Albrecht

Topics covered

  • iOS security
  • cyber threats
  • data theft
  • exploit chains
  • mobile security
  • cyber warfare

Keywords

  • DarkSword
  • iOS exploit
  • cybersecurity
  • data exfiltration
  • threat actors
  • mobile threats
  • watering hole attacks

Mentioned in this episode

Organizations: Lookout, UNC6353

Products: iOS

Places: Ukraine

More episodes of Research Saturday

Explore listener stats, chart rankings, contacts and more on the Research Saturday podcast page.