"The Coruna exploit kit, named by its developers, contained five full iOS exploit chains and a total of 23 exploits. The core technical value of this exploit kit lies in its comprehensive collection of iOS exploits, with the most advanced ones using non-public exploitation techniques and mitigation bypasses."
"Over the course of 2025, GTIG tracked its use in highly targeted operations initially conducted by a customer of a surveillance vendor, then observed its deployment in watering hole attacks targeting Ukrainian users by UNC6353, a suspected Russian espionage group. We then retrieved the complete exploit kit when it was later used in broad-scale campaigns by UNC6691, a financially motivated threat actor operating from China."
"How this proliferation occurred is unclear, but suggests an active market for 'second hand' zero-day exploits. Beyond these identified exploits, multiple threat actors have now acquired advanced exploitation techniques that can be re-used and modified with newly identified vulnerabilities."
Google Threat Intelligence Group discovered Coruna, a sophisticated exploit kit targeting Apple iPhones running iOS versions 13.0 through 17.2.1. The kit contains five complete iOS exploit chains comprising 23 total exploits, with advanced techniques using non-public exploitation methods and mitigation bypasses. Throughout 2025, GTIG tracked Coruna's deployment across multiple threat actors: initially by a surveillance vendor's customer, then by UNC6353 (suspected Russian espionage group) in watering hole attacks against Ukrainian users, and finally by UNC6691 (Chinese financially motivated actor) in broad-scale campaigns. The proliferation pattern suggests an active market for second-hand zero-day exploits, enabling multiple threat actors to acquire and repurpose advanced exploitation techniques with newly discovered vulnerabilities.
#ios-security-vulnerabilities #exploit-kit-proliferation #threat-actor-operations #zero-day-exploits #mobile-device-security
Read at DataBreaches.Net
Unable to calculate read time
Collection
[
|
...
]