Security experts have uncovered powerful hacking tools that can compromise older iPhones. These tools, once in the hands of a government client, have now fallen into the hands of cybercriminals.
Google first spotted the exploit kit named Coruna in February 2025 during an attempted phone hack for a surveillance vendor. Since then, it has been used against Ukrainian targets by a Russian espionage group and later by hackers in China.
The tools’ leak raises concerns about the growing market for “secondhand” exploits. Once these tools become available, hackers can use them for financial gain. This shows how fragile security can be; tools meant for government use can easily be misused by bad actors. The mobile security firm iVerify has linked Coruna to U.S. government frameworks, pointing to a broader issue of leaked government hacking tools.
iVerify noted, “The more widespread the usage, the greater the chances of a leak.” They suggest that even though Coruna is likely a U.S. government tool, it doesn’t change the fact that it could be used harmfully.
Google states that these hacking tools can bypass iPhone protections just by visiting a malicious website, known as a “watering hole” attack. The Coruna kit can exploit an iPhone through 23 vulnerabilities and can target devices running from iOS 13 to 17.2.1.
In 2023, Wired reported that Coruna included components from an earlier hacking campaign known as Operation Triangulation. A Russian cybersecurity firm highlighted that the U.S. government had tried to compromise iPhones of its employees.
Leak incidents aren’t new. In 2017, the U.S. National Security Agency (NSA) faced a major setback when its hacking tools were stolen, including a notorious back door called EternalBlue. This tool led to widespread cyberattacks, including the 2017 WannaCry ransomware incident.
Recently, Peter Williams, former head of the U.S. defense contractor L3Harris Trenchant, was sentenced to over seven years in prison for stealing and selling exploits to a broker with ties to the Russian government. Prosecutors said these exploits could affect millions of devices globally. It’s uncertain if the vulnerabilities were ever properly disclosed or patched.
Cybersecurity remains a critical issue. Recent statistics show a significant increase in hacking attempts, with reports indicating that 60% of organizations faced attacks last year. As tools like Coruna become more accessible, users must stay vigilant.
For more insights on cybersecurity, you can check out resources from trusted sources like the Cybersecurity & Infrastructure Security Agency.
Overall, the evolution of these hacking tools tells a concerning story about security and the potential risks we all face in the digital age.
Source link
cybercriminals,exploits,hackers,hacks
