A Highly Sophisticated iPhone Hacking Toolkit Has Fallen into the Wrong Hands
In a recent security report, researchers at Google have uncovered a highly sophisticated iPhone hacking toolkit known as "Coruna," which possibly originated from a US government contractor. The toolkit has been used in various malicious campaigns, including suspected Russian espionage operations and crypto-stealing criminal attacks. Despite Apple's patches to newer iOS versions, tens of thousands of devices may already be compromised.
The Coruna toolkit includes five complete hacking techniques that can bypass all the defenses of an iPhone, allowing malware to silently install itself when the device visits a website containing exploitation code. Together they exploit 23 distinct vulnerabilities in iOS, a rare collection of hacking components that suggests the toolkit was created by a well-resourced, likely state-sponsored group of hackers.
Google traces components of Coruna to hacking techniques spotted in use in February last year and attributed to what it describes only as a "customer of a surveillance company." Five months later, a more complete version of Coruna reappeared in an espionage campaign carried out by a suspected Russian spy group. The code was hidden in a common visitor-counting component of Ukrainian websites.
Coruna was then spotted once more, this time in a purely profit-focused hacking campaign that infected Chinese-language crypto and gambling sites to deliver malware that steals cryptocurrency from victims. It's worth noting that the original surveillance company "customer" who deployed Coruna may have been a US government contractor, according to mobile security company iVerify.
iVerify suggests that Coruna contains multiple components previously used in a hacking operation known as "Triangulation," which targeted Russian cybersecurity firm Kaspersky in 2023. The Russian government claimed the operation was the work of the NSA, but the US government did not respond to this claim. Rocky Cole, cofounder of iVerify, notes that Coruna's code appears to have been originally written by English-speaking coders and bears the hallmarks of other modules attributed to the US government.
"It's highly sophisticated, took millions of dollars to develop, and it bears the hallmarks of other modules that have been publicly attributed to the US government," Cole tells WIRED. "This is the first example we've seen of very likely US government tools -- based on what the code is telling us -- spinning out of control and being used by both our adversaries and cybercriminal groups."
Regardless of Coruna's origin, Google warns that a highly valuable and rare hacking toolkit appears to have traveled through a series of unlikely hands and now exists in the wild where it could still be adopted or adapted by any hacker group seeking to target iPhone users. The report notes that an active market for "second-hand" zero-day exploits likely facilitated this proliferation.
As a result, it's crucial for iPhone users to stay vigilant and keep their devices up to date with the latest iOS versions. This will help prevent exploitation of the known vulnerabilities in Coruna. Furthermore, Apple's efforts to patch these vulnerabilities demonstrate its commitment to protecting user security. However, the sheer scale of this attack highlights the need for ongoing awareness and caution among iPhone users.
Moreover, this incident serves as a reminder that even the most advanced security measures can be breached if not properly maintained or updated. The rapidly evolving landscape of cyber threats demands continuous monitoring and adaptation to stay ahead of potential attacks.
Conclusion
The Coruna toolkit is a stark example of how sophisticated hacking tools can fall into the wrong hands, putting iPhone users at risk of exploitation. As Apple continues to patch vulnerabilities in its iOS versions, it's essential for users to prioritize their device security and stay informed about emerging threats. By staying vigilant and adhering to best practices, we can mitigate the impact of these types of attacks and protect our personal data.