Coruna iOS Exploit Shares Code with Windows EternalBlue Vulnerability
Researchers identified 'Coruna', a hacking tool targeting iPhones running iOS 13.0 through 17.2.1, which has been used in attacks on Ukrainian users and by financially motivated hackers. Analysis reveals code similarities between Coruna and the EternalBlue exploit that once targeted Windows OS, highlighting potential cybersecurity vulnerabilities in Microsoft’s ecosystem.
1. Identification of Coruna iOS Exploit
Researchers discovered a hacking tool named 'Coruna' targeting iPhone models running iOS versions 13.0 to 17.2.1, noting its deployment in surveillance attacks against Ukrainian users and financial operations by Chinese-linked actors. The exploit kit’s presence in an active market for zero-day vulnerabilities raises concerns over second-hand exploit proliferation.
2. EternalBlue Similarities and Windows Risk
Security analysts found code parallels between Coruna and the EternalBlue exploit that previously compromised Windows systems, suggesting the toolkit may have origins in a leaked government framework. This finding underscores potential exposure within Microsoft’s Windows ecosystem and may prompt accelerated patch releases or security updates.