# Coruna: A US Government iPhone-Hacking Toolkit Used by Foreign Spies and Cybercriminals

A highly sophisticated iPhone-hacking toolkit, dubbed "Coruna," has been spotted in use by both foreign spies and cybercriminal groups, raising concerns about the proliferation of powerful hacking tools created for or sold to governments. The toolkit, which includes five complete hacking techniques capable of bypassing all defenses of an iPhone, takes advantage of 23 distinct vulnerabilities in iOS.

According to a report released by Google, Coruna was first spotted in use in February last year and attributed to a "customer" of a surveillance company. However, five months later, the toolkit reappeared in an espionage campaign carried out by a suspected Russian spy group, which hid the hacking code in a common visitor-counting component of Ukrainian websites. This was followed by its use in a purely profit-focused hacking campaign, infecting Chinese-language crypto and gambling sites to deliver malware that steals victims' cryptocurrency.

Security researchers at Google note that Coruna's code appears to have been originally written by English-speaking coders, with the toolkit bearing hallmarks of other modules attributed to the US government. The company's report suggests that the proliferation of this highly valuable and rare hacking toolkit is likely due to an active market for "second-hand" zero-day exploits.

The origins of Coruna are still unclear, but if it was indeed created by a US contractor and sold to the American government, it raises questions about the security of mobile devices in a world where sophisticated hacking tools can leak to adversaries. The situation is reminiscent of EternalBlue, when highly advanced hacking tools were stolen from the National Security Agency and used in catastrophic cyberattacks, and may be a comparable moment for mobile malware.

In its report, Google notes that Apple patched vulnerabilities used by Coruna in the latest versions of iOS 26, so its exploitation techniques are only confirmed to work against iOS 13 through 17.2.1. The toolkit targets vulnerabilities in Apple's WebKit framework for browsers, leaving Safari users on older versions of iOS vulnerable.

Despite these limitations, iVerify estimates that roughly 42,000 devices may have already been infected with the toolkit in the purely profit-focused campaign alone. Just how many other victims Coruna may have hit remains unclear.

The analysis of Coruna's code by iVerify suggests that it was originally created as a highly sophisticated iPhone-hacking toolkit, possibly for use by the US government. However, if this is indeed the case, it also raises questions about the security of mobile devices and how powerful hacking tools can be used to target unsuspecting users.

In conclusion, Coruna represents a disturbing trend in the world of cybersecurity, where powerful hacking tools are being used by both foreign spies and cybercriminal groups. The fact that these tools were likely created for or sold to governments raises serious questions about security and accountability. As the industry of brokers who sell zero-day hacking techniques continues to thrive, it is essential for lawmakers and regulators to take action to prevent the misuse of these powerful tools.

### Key Takeaways:

* Coruna is a highly sophisticated iPhone-hacking toolkit that includes five complete hacking techniques.
* The toolkit takes advantage of 23 distinct vulnerabilities in iOS.
* Coruna was first spotted in use by foreign spies, then reappeared in an espionage campaign carried out by a suspected Russian spy group, and finally in a purely profit-focused hacking campaign.
* The origins of Coruna are still unclear, but if it was created by a US contractor and sold to the American government, it raises serious questions about security and accountability.
* Apple has patched vulnerabilities used by Coruna in the latest versions of iOS 26.

### What's Next?

As the use of powerful hacking tools like Coruna continues to grow, it is essential for lawmakers and regulators to take action to prevent their misuse. This may involve implementing stricter regulations on the sale and trade of zero-day hacking techniques, as well as increasing awareness about the risks associated with these powerful tools.

In addition, mobile security companies are working around the clock to analyze and mitigate the effects of Coruna and other similar threats. As this landscape continues to evolve, it is essential for users to remain vigilant and take steps to protect themselves from the potential risks associated with these powerful hacking tools.