DarkSword: The Zero-Click iOS Exploit Chain That's Draining Crypto Wallets in Under 60 Seconds

DarkSword: The Zero-Click iOS Exploit Chain That's Draining Crypto Wallets in Under 60 Seconds On March 18, 2026, Google Threat Intelligence Group (GTIG), Lookout, and iVerify jointly disclosed DarkSword — a full-chain iOS exploit kit that chains six vulnerabilities (three zero-days) to achieve complete iPhone takeover without any user interaction . The kit specifically targets crypto wallets, seed phrases, and private keys, exfiltrating everything within seconds before wiping forensic traces. If you hold crypto on an iPhone running iOS 18.4 through 18.7 and haven't updated, your funds may already be compromised. The Kill Chain: Six Links, Zero Clicks DarkSword is not a single vulnerability. It's an engineered attack pipeline that escalates from a poisoned webpage to full kernel control: Stage 1 — Remote Code Execution (WebKit) The victim visits a legitimate but compromised website via Safari. An invisible iFrame loads JavaScript that fingerprints the device. If the target runs iOS 18.