iPhone spyware DarkSword hits Malaysia, exposing spread of sophisticated hacking tools

South China Morning Post National SecurityNews ReportEN 1 min read 100% complete by Ushar DanieleMarch 24, 2026 at 01:31 PM

Read Original Article

AI Summary

short article 1 min

A new iPhone spyware operation called DarkSword has been discovered targeting users in Malaysia, Ukraine, Saudi Arabia, and Turkey. Researchers from iVerify, Google, and Lookout uncovered the spyware, which is spread through compromised websites using a "watering hole" tactic to silently infect iPhones. DarkSword can steal sensitive data, including messages, call logs, location history, and health records. Google's Threat Intelligence Group identified multiple users of the DarkSword exploit chain dating back to November 2023, including commercial surveillance vendors like PARS Defence and a suspected Russian espionage group, UNC6353. The discovery highlights the increasing proliferation of sophisticated mobile hacking tools among commercial and potentially state-linked actors.

Article Analysis

Framing Angle

National Security

Primary framing

Technology

Secondary framing

Measured

Sensationalism

Factual

Fact vs Opinion

OpinionFactual

Sources Cited

Well sourced

AI-powered analysis of article framing, tone, and source quality. Scores help identify potential bias and information quality.

Key Claims (5)

AI-Extracted

Multiple commercial surveillance vendors and suspected state-linked actors had used DarkSword.

factual — Google’s Threat Intelligence Group (GTIG)100% confidence

DarkSword could compromise vulnerable iPhones and siphon off sensitive data.

factual — Researchers at iVerify, working with Google and Lookout100% confidence

Researchers at iVerify, Google, and Lookout uncovered DarkSword.

factual100% confidence

DarkSword was observed targeting entities in Malaysia, Ukraine, Saudi Arabia and Turkey.

factual100% confidence

Malaysian users are among victims targeted by iPhone spyware operation DarkSword.

factual100% confidence

Claims are automatically extracted and should be independently verified. Attribution indicates the stated source of the claim.

Key Entities & Roles

Key Player Opposition Context

Coruna 50% Ukraine 60% Saudi Arabia 60% Lookout 60% Turkey 70% iVerify 70% UNC6353 70% PARS Defence 70% Google ×280% Google Threat Intelligence Group (GTIG) ×280% Malaysia ×290% DarkSword ×5100%

Keywords

iphone spyware 100% darksword 90% mobile hacking 80% spyware 70% watering hole attack 60% threat actors 50% data siphoning 50% cybersecurity 40% mobile security 40%

Sentiment Analysis

Very Negative

Score: -0.60

Source Transparency

Source

South China Morning Post

Article Type

News Report

Classification Confidence

90%

Geographic Perspective

Malaysia

This article was automatically classified using rule-based analysis.

Topic Connections

Explore how the topics in this article connect to other news stories

No topic relationship data available yet. This graph will appear once topic relationships have been computed.

iphone spyware darksword mobile hacking spyware watering hole attack threat actors data siphoning cybersecurity mobile security

Explore Full Topic Graph

Find Similar Articles

AI-Powered

Discover articles with similar content using semantic similarity analysis.