Foreign Spies and Criminals Acquire US Government’s iPhone-Hacking Toolkit: What It Means for Your Security

Admin


Google recently reported that a hacking tool called Coruna targets older versions of Apple’s iOS. It has been confirmed to work against iOS versions 13 through 17.2.1, targeting vulnerabilities in Apple’s WebKit framework. This puts Safari users on those older systems at risk, although there’s no evidence it affects Chrome users. If a device has “Lockdown Mode” activated, Coruna won’t attack it.

Despite these limitations, a cybersecurity firm called iVerify estimates that Coruna has likely infected around 42,000 devices, particularly through connections to compromised Chinese-language websites. However, it’s hard to tell how many other users might be impacted, especially those in Ukraine who may have visited the same malicious sites.

iVerify’s analysis reveals that the Coruna toolkit has been modified to include malware aimed at stealing cryptocurrencies, photos, and sometimes even emails. Spencer Parker, iVerify’s chief product officer, mentions that the original toolkit is quite sophisticated, while the added malware is less impressive and appears hastily thrown together.

Many experts believe that Coruna has links to U.S. government hacking tools, raising questions about how it became available in the cybercriminal market. A notable example is Peter Williams, a former contractor sentenced to seven years in prison for selling zero-day exploits to Russian buyers. This incident highlights a troubling reality in cybersecurity: exploit brokers often sell to the highest bidder without caring about the intentions behind the tools.

Cole, a former NSA employee, points out that the structure of Coruna suggests it was developed by a single author, making it unlikely that its code simply fell into the wrong hands after being repurposed from other malware.

The rise of tools like Coruna shows the evolving landscape of cybercrime, where advanced hacking methods can quickly transform into serious threats for everyday users. As cybersecurity becomes more complex, staying informed is crucial. Always ensure your devices are updated to the latest software versions to minimize risks.

For further reading, check out Zetter’s report on zero-day exploits.


