Emerging Cyber Threat: Sophisticated Exploit Kit Endangers iPhone Users
Experts are alerting iPhone users regarding a formidable new cybertool, potentially conceived by the US government, that cybercriminals are wielding to infiltrate personal devices.
The global pandemic of the coronavirus has given rise to unprecedented cyber threats.
Tech analysts are warning iPhone owners of a “cryptic” cyberscam that purportedly emanated from US intelligence sources, which can exploit various vulnerabilities to commandeer devices.
This “robust” exploit toolkit, known as Coruna, capitalises on 23 distinct weaknesses to infiltrate iPhones and breach user privacy, as noted in a public service announcement from Google.
Engineered primarily to target Apple’s Safari browser, this intricate attack can be executed through five different vectors, commencing with a mere click on a malicious hyperlink.
Once initiated, the sophisticated tool circumvents iPhone security mechanisms, ostensibly allowing adversaries to extract text snippets and access sensitive information, including financial details.
“The architecture surrounding this exploit kit is exceptionally well-crafted; the various components are methodically integrated and utilise common utility and exploitation frameworks,” Google cautioned.
In stark contrast to typical consumer malware, this virtual Trojan Horse is devoid of specific targeting or ephemeral links, as revealed by iVerify. Rather, any visitor to a compromised website could unwittingly become a victim.
The origins of this digital menace are identifiable, yet it is far from an ordinary spear-phishing virus found in typical cybercrime.
This kit has been co-opted by international cybercriminals, ranging from Russian intelligence operatives to Chinese cryptocurrency fraudsters. Artem.
First detected by Google in February 2025, this state-of-the-art spyware is thought to have started as a US government tool that was subsequently compromised and leaked, according to hypotheses from iVerify.
Like a technological contagion, this government-grade toolkit has been disseminated globally by nefarious actors.
In July 2025, a Russian espionage group took control of Ukrainian websites utilising this tool, while Chinese hackers allegedly employed it to perpetrate fraudulent cryptocurrency transactions targeted at unknowing users, as reported by PCMag.
“Any individual visiting a website with a vulnerable iOS version could be infected,” stated iVerify. “This is atypical of the targeted attacks generally employed by nation-states but indicative of e-criminal groups. We were able to reinfect our devices multiple times.”
The silver lining is that Coruna is capable of infecting only those iPhones running older iOS versions, specifically between 13 and 17.2.1— the latter having been released in 2023.
Consequently, Google strongly advises users to “update their devices to the latest version of iOS” to shield themselves from potential exploitation.
If an upgrade is unfeasible, the company recommends activating Lockdown Mode, a safeguard Apple introduced in 2022 designed to protect users from spyware.
Source link: Aol.com.
