iPhone users in Europe and worldwide have become the target of a new, sophisticated hacker attack spread through infected Ukrainian websites. The threat is real and requires immediate action to protect personal data and device security. The campaign is highly likely backed by Russian hackers, as reported by the news agency Reuters citing security researchers. The attackers have compromised dozens of legitimate Ukrainian websites and equipped them with malware known as "Darksword." If iPhone users visit one of these sites, the malware can be installed in the background without the user noticing. The software is a so-called "zero-click exploit." It exploits a previously unknown security vulnerability in iOS that allows the device to be infected without the user having to click on a suspicious link or download a file. Simply visiting the website is enough. Once installed, Darksword can extract extensive data from the iPhone – from messages and contacts to location data and passwords.
The security researchers who discovered the attack attribute it to a long-running espionage campaign known as "Operation Triangulation," which is linked to a hacker group associated with the Russian state. The choice of Ukrainian websites as a vehicle highlights the geopolitical backdrop of the cyberattack in the context of the war.
For iPhone owners, the most important measure is simple but crucial: they must immediately update their operating system to the latest version of iOS. Apple has already patched the exploited security vulnerability with a recently released update. Those who have installed the current software are protected, while those who delay their update remain vulnerable.
The threat once again demonstrates how cyberattacks are increasingly being used as tools of hybrid warfare. Not only Ukrainian infrastructure but also the devices of uninvolved citizens are being targeted. The attack underscores the importance of regular software updates—a seemingly mundane but vital digital hygiene practice for every user.
What happens next depends on user reactions and the ongoing work of security researchers. Apple and other tech companies will continue searching for similar vulnerabilities and providing patches. For consumers, the clear message remains: in an increasingly connected and conflict-ridden world, keeping smartphone software up-to-date is not a technical detail but a fundamental question of personal security.
