Hacker Pranks – Fake Hacking Simulations & Tech Pranks

# "Coruna" Exploit Kit: A Shadowy Hacking Tool Putting Vulnerable iPhones at Risk The latest cybersecurity threat alert highlights a sophisticated hacking tool, known as "Coruna," that can remotely target vulnerable iPhones using 23 different attacks. Developed by an unknown entity, this exploit kit leverages five full iOS exploit chains to infect devices running older versions of the operating system.

The Coruna exploit kit was first discovered by Google's Threat Intelligence Group in February 2025 and has since been linked to various malicious activities. According to Google, the framework used by Coruna is identical and delivers the same set of exploits across different platforms. This suggests that a well-funded spyware vendor developed and sold the Coruna exploit kit, leading to its proliferation.

One of the most concerning aspects of Coruna is its ability to secretly deliver a program called "PlasmaLoader," which grants root access to iOS and allows for additional modules to be run in the background. Google recovered the payload from fake Chinese websites running Coruna and found PlasmaLoader can collect snippets of text from an infected iPhone, likely to steal financial information.

The exploit kit targets vulnerabilities in Apple's Safari browser and can infect devices with a single tap from the user. While it is primarily designed for cybercrime attacks, Coruna has also been linked to suspected Russian espionage group activities.

Fortunately, Google notes that Coruna can only exploit previously patched vulnerabilities in iOS 13.0 through iOS 17.2.1, which arrived in December 2023. However, this does not provide a permanent solution, as Android phones have long dominated the Chinese market, and iPhone users are still vulnerable to attacks.

The latest version of iOS is now at version 26, making it more secure against Coruna's attacks. Google urges iPhone users to update their devices to the latest version and activates Lockdown Mode, introduced in 2022, to protect iPhone users from spyware threats.

To avoid falling victim to this exploit kit, it is essential for iPhone users to keep their devices up-to-date and be cautious when visiting websites. Additionally, security vendors like iVerify have tracked Coruna to a Chinese web domain and found it can enable attacks requiring only one tap from the user.

In conclusion, the Coruna exploit kit highlights the ongoing threat of sophisticated hacking tools in the cybersecurity landscape. As the threat actor's motivations shift between espionage and cybercrime, it is crucial for users to remain vigilant and take proactive measures to protect themselves against such threats.

Key Facts:

* 23 different attacks are used by the Coruna exploit kit to hack vulnerable iPhones. * The exploit kit targets vulnerabilities in Apple's Safari browser. * Coruna can only exploit previously patched vulnerabilities in iOS 13.0 through iOS 17.2.1. * The latest version of iOS is at version 26, making it more secure against Coruna's attacks. * Security vendors have tracked the Coruna kit to a Chinese web domain and found it can enable attacks requiring only one tap from the user.

Stay safe online by staying informed about emerging threats like the Coruna exploit kit.

HACKER_BLOG

THIS IOS 'EXPLOIT' KIT CAN HACK VULNERABLE IPHONES USING 23 DIFFERENT ATTACKS

HACKER_BLOG

THIS IOS 'EXPLOIT' KIT CAN HACK VULNERABLE IPHONES USING 23 DIFFERENT ATTACKS

RELATED POSTS

‘I can think of a couple Pretti Good reasons!’: Hacktivists may have just cracked open ICE and exposed over 6,000 companies working with the DHS

Project Compass Targets 764 Network as 30 Arrested and Victims Rescued

Israeli spies spent years hacking every camera in Tehran to monitor Ayatollah Ali Khamenei: report