This iPhone hacking software might have gone to a cybercrime syndicate in China


A highly sophisticated set of iPhone hacking techniques is believed to have infected tens of thousands of iOS devices simply through visits to websites. Here is what you should know about it.

 

A sophisticated level of engineering could fall into the wrong hands

This hacking tool, allegedly first developed for the United States government, was later used by Russian spies to target users in Ukraine. The toolkit is now believed to have fallen into the hands of a financially motivated cybercrime group in China.

Google's Threat Intelligence team has reported the discovery of a new exploit kit named Coruna (CryptoWaters) targeting Apple devices running iOS versions 13 to 17.2.1. Google said the kit contained 23 exploits in five full chains, with what Google described as a very sophisticated level of engineering.

The first attack was detected in Ukraine in July 2025 and linked to the Russian group UNC6353, while the second campaign, by UNC6691, appeared in December 2025 via a fake financial site in China. The exploit targets iPhone and iPad users via a hidden iframe and loads the PlasmaLoader malware, which is capable of stealing crypto wallets such as MetaMask and Exodus.

The installed implant is also capable of taking over system processes such as powerd, locationd, and SpringBoard, and even popular applications such as WhatsApp. Coruna also uses special domain algorithms to avoid detection.

While the kit is not effective against the latest iOS versions, the report emphasises the importance of updating devices every time they receive a new update from the manufacturer.


Stay tuned to TechNave.com for more updates like this.