BEARISH 📉 : Google identifies ‘Coruna’ kit targeting iPhone crypto wallets

Coruna iPhone Crypto Exploit Kit: Key Facts

  • Google Threat Analysis Group identified 'Coruna,' an advanced iPhone exploit kit targeting crypto wallets.
  • The toolkit exploits 23 vulnerabilities in iOS versions from 13.0 to 17.2.1, affecting devices with outdated software.
  • Cybercriminals use it for financial theft by scraping BIP39 seed phrases from users visiting compromised gambling and fake exchange sites.
  • Apple has patched these vulnerabilities in iOS 17.3 and later versions.
  • The malware silently delivers a WebKit remote code execution payload to vulnerable devices.
  • It specifically targets the file-system data of self-custody apps such as MetaMask and BitKeep to steal 12-to-24-word mnemonic phrases.
  • The attack occurs in the background without alerting users, using obfuscation techniques to avoid detection.
  • Current use of the kit is attributed to UNC6691, a financially motivated group from China; it was previously used by a Russian espionage group.

Risk Mitigation for iPhone Users

  • Users should update their devices to the latest iOS version to mitigate risks.
  • Enable Apple’s Lockdown Mode to restrict technologies exploited by the malware.
  • Avoid storing seed phrases in screenshots or notes apps; consider using a hardware wallet for added security.
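
For teams managing more than one device, the update advice above can be turned into an inventory check. The following is an added example, not code from Google's or Apple's reports: it classifies reported iOS versions against the range stated here (13.0 to 17.2.1 affected, 17.3 and later patched) and nothing else. The device names and inventory format are constructed assumptions.

```python
import re

# Bounds as stated on this page: 13.0 through 17.2.1 affected, 17.3+ patched.
AFFECTED_MIN = (13, 0, 0)
AFFECTED_MAX = (17, 2, 1)
PATCHED_MIN = (17, 3, 0)
_VERSION_RE = re.compile(r"^\s*(?:iOS\s+)?(\d+)(?:\.(\d+))?(?:\.(\d+))?\s*$", re.I)

def parse_ios_version(text):
    """Return (major, minor, patch), or None if the string is not a version."""
    m = _VERSION_RE.match(text or "")
    if not m:
        return None
    # Missing components count as 0, so "13" compares equal to "13.0.0".
    return tuple(int(part) if part else 0 for part in m.groups())

def classify(version_text):
    """Map a reported iOS version onto the ranges stated on this page."""
    v = parse_ios_version(version_text)
    if v is None:
        return "unknown"  # unparseable: needs manual review
    # Tuple comparison is numeric, so 17.10 sorts above 17.3 (strings would not).
    if v >= PATCHED_MIN:
        return "patched"
    if AFFECTED_MIN <= v <= AFFECTED_MAX:
        return "affected"
    return "outside-stated-range"  # the page makes no statement about these

def triage(inventory):
    """Group device names by classification, preserving input order."""
    result = {}
    for name, version in inventory:
        result.setdefault(classify(version), []).append(name)
    return result

# Constructed sample inventory (hypothetical device names).
SAMPLE_INVENTORY = [
    ("finance-iphone-01", "17.2.1"),
    ("finance-iphone-02", "iOS 17.3"),
    ("ops-iphone-07", "16.7.10"),
    ("lab-iphone-03", "12.5.7"),
    ("exec-iphone-01", "17.10"),
    ("unknown-device", "n/a"),
]

if __name__ == "__main__":
    for status, devices in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{status}: {', '.join(devices)}")
```

Devices reported as "unknown" or "outside-stated-range" should be reviewed by hand rather than assumed safe.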
