Beware, Google and iVerify Find Hacking Tools to Steal Sensitive Data from iPhone Users

Malicious software targets iPhone users' financial data (photo: dok. unsplash)

Google and security company iVerify revealed the existence of Coruna, a dangerous exploit that targets iPhone users, especially phones running old versions of iOS.

This software works by exploiting dozens of vulnerable security holes. Usually, the target of this attack is not only iPhones running old iOS, but also iPhones that are no longer supported with the latest updates.

Coruna works gradually to penetrate the protective layer of Apple's operating system (OS). When the victim visits a malicious site, Coruna will run a hidden script to take control of the device.

The iVerify report shows that Coruna's technical foundation has similarities with hacking tools developed by the US government. However, the code appears to have been leaked and is now being used by criminal groups as well as spies from various countries.

"This is the first observed mass exploitation of mobile phones by a criminal group using state-of-the-art devices," iVerify wrote in its official report, quoted via 9to5mac on Wednesday, March 4.

The attackers spread Coruna through watering hole methods on sites they had previously hacked. One of the lures was a fake cryptocurrency service specifically designed to snare unsuspecting users.

Coruna's spread is carried out to steal highly sensitive financial data belonging to the victims. The module in the malware is able to extract recovery phrases and cryptocurrency wallet data automatically.

Although very sophisticated, Coruna is known to be unable to fight Apple's latest security system. The program will immediately stop working if it detects the Lockdown Mode feature or if the user is using private browsing mode.

Google emphasizes that this attack is only effective on iPhones running iOS 13 to iOS 17.2.1. If you have an iPhone with that version of iOS, immediately update your version or switch to the latest device.