"The core technical value of this exploit kit lies in its comprehensive collection of iOS exploits, with the most advanced ones using non-public exploitation techniques and mitigation bypasses."
"In many cases, advanced tools initially developed for surveillance purposes are later reused or repurposed by state-sponsored espionage groups and eventually by financially motivated cybercriminals."
Google's Threat Intelligence Group discovered Coruna, an advanced iOS exploit kit targeting Apple devices running iOS versions from September 2019 through December 2023. The framework contained 23 vulnerabilities organized in five exploit chains using non-public exploitation techniques and mitigation bypasses. Researchers gained insight into the toolkit's structure after a threat actor accidentally deployed a debug version, exposing internal documentation. Coruna was tracked across three distinct threat-actor ecosystems throughout 2025, demonstrating how sophisticated exploit frameworks circulate and evolve across the cyber threat landscape. The earliest observed activity occurred in February 2025, involving exploit chain components delivered through a previously unknown JavaScript framework designed to fingerprint devices and deliver tailored exploits.
#ios-security #exploit-framework #cyber-threat-intelligence #mobile-malware #threat-actor-operations
Read at TechRepublic
Unable to calculate read time
Collection
[
|
...
]