\n<\/p>\n
Security researchers have identified a suite of powerful hacking tools capable of compromising iPhones running older software that they say has passed from a government customer into the hands of cybercriminals.<\/p>\n
Google said Tuesday<\/a> that it first identified the exploit kit, dubbed Coruna, in February 2025 during a surveillance vendor\u2019s attempt<\/a> to hack into someone\u2019s phone with spyware on behalf of a government customer. It found the same exploit kit months later targeting Ukrainian users in a broad-scale campaign by a Russian espionage group, and then later found it used by a financially motivated hacker in China.<\/p>\n It\u2019s unclear how the tools leaked or proliferated, but Google security researchers warned of an emerging market for \u201csecondhand\u201d exploits, which are sold to hackers motivated by money to extract more value out of the exploit.<\/p>\n The discovery also shows how exploits and back doors designed to be used by governments can leak and ultimately be abused by cybercriminals or other non-state actors. Mobile security company iVerify obtained and reverse-engineered the hacking tools, saying in a blog post<\/a> that it linked the Coruna exploit kit to the U.S. government, based on similarities to hacking tools previously attributed to the United States.<\/p>\n \u201cThe more widespread the use, the more certain a leak will occur,\u201d said iVerify. \u201cWhile iVerify has some evidence that this tool is a leaked US government framework, that shouldn\u2019t overshadow the knowledge that these tools will find their way into the wild and will be used unscrupulously by bad actors.\u201d<\/p>\n Google said the hacking tools are powerful, as they can bypass an iPhone\u2019s defenses simply through visiting a malicious website containing the exploit code \u2014\u00a0such as being sent a malicious link \u2014 in what is known as a \u201cwatering hole\u201d attack. According to Google, the Coruna kit can hack into an iPhone five separate ways by relying on and chaining together 23 separate vulnerabilities in its digital arsenal. Affected devices range from iPhone models running iOS 13 up to 17.2.1, which released in December 2023.<\/p>\n According to Wired, which first reported the news<\/a>, the Coruna kit contains components that were previously used in a hacking campaign dubbed Operation Triangulation<\/a>. Russian cybersecurity firm Kaspersky claimed in 2023 that the U.S. government tried to hack several iPhones belonging to its employees.<\/p>\n Techcrunch event<\/p>\n \n\t\t\t\t\t\t\t\t\tSan Francisco, CA<\/span> While leaks of hacking tools are rare, they are not unheard of. In 2017, the U.S. National Security Agency discovered that tools it had developed to hack into Windows computers worldwide had been stolen. The Windows back door, known as EternalBlue, was later published and was used by cybercriminals in subsequent attacks<\/a>, including the 2017 WannaCry ransomware attack<\/a> by North Korea.<\/p>\n TechCrunch also recently reported on the case of Peter Williams, the former head of the U.S. defense contractor L3Harris Trenchant, who was sentenced to more than seven years in prison after pleading guilty<\/a> to stealing and selling eight exploits to a broker known to work with the Russian government.<\/p>\n According to prosecutors, Williams sold exploits that were capable of hacking into \u201cmillions of computers and devices\u201d worldwide<\/a>. At least one exploit was sold to a South Korean broker<\/a>. It\u2019s unclear if the exploits were ever disclosed to the software makers, or patched.<\/p>\n<\/div>\n
\n\t\t\t\t\t\t\t\t\t\t\t\t\t|<\/span>
\n\t\t\t\t\t\t\t\t\t\t\t\t\tOctober 13-15, 2026<\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<\/div>\n