Escalating risks tied to advanced mobile threats are drawing scrutiny after Binance warned of a critical iOS vulnerability on March 20 via X, linking it to the Darksword exploit chain. The issue affects Apple devices running iOS 18.4 through 18.7 and enables covert access to sensitive data.

Binance wrote:

“Apple is urging iPhone/iPad users to update iOS immediately.”

The alert referenced research from the Google Threat Intelligence Group, which identified Darksword as a full-chain exploit built on multiple zero-day vulnerabilities, meaning previously unknown software flaws that attackers can exploit before developers release fixes.

According to the findings, the exploit chain has been in use since at least November 2025 and has been adopted by multiple threat actors, including commercial surveillance vendors and suspected state-backed groups. Campaigns have targeted users in Saudi Arabia, Turkey, Malaysia, and Ukraine, often using compromised or spoofed websites to silently deliver malicious code.

Technically, Darksword combines six vulnerabilities to gain complete control over affected devices and deploy malware such as GHOSTBLADE, GHOSTKNIFE, and GHOSTSABER. These payloads are capable of extracting extensive data, including account credentials, communications, location history, and cryptocurrency wallet information, while also removing system logs to avoid detection.

The exploit’s ability to execute automatically without user interaction significantly increases its impact, particularly for routine web browsing. Users are urged to install the latest iOS updates, limit exposure to untrusted links, review application permissions, and strengthen account protections such as two-factor authentication and withdrawal safeguards. Binance cautioned:

“The exploit may be triggered automatically without any user interaction, allowing attackers to extract sensitive data, including crypto wallet information. The malware may also erase its traces after execution, making detection extremely difficult.”

• Why is the Darksword exploit significant for crypto users?
  It can silently access and extract cryptocurrency wallet data without user interaction.
• Which devices are most at risk from this vulnerability?
  Apple devices running iOS 18.4 through 18.7 are specifically affected.
• What makes this exploit especially dangerous?
  It uses zero-day flaws and leaves little to no trace after execution.
• What should investors and users do immediately?
  Update iOS, enable strong security settings, and avoid suspicious links.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。