U.S. Military Contractor’s iPhone-Hacking Tools Exploited by Russian Spies and Chinese Cybercriminals

This article was generated by AI and cites original sources.

Google has recently revealed that a sophisticated iPhone-hacking toolkit named ‘Coruna’ was used in cyberattacks targeting individuals in Ukraine and China. The toolkit, comprising 23 distinct components, was reportedly developed by U.S. military contractor L3Harris. Originally intended for Western intelligence operations, these tools were later obtained by Russian government operatives and Chinese cybercriminal groups.

Google’s findings indicate that ‘Coruna’ was initially deployed in precise, covert operations by an undisclosed government client of a surveillance vendor, before falling into the possession of Russian spies who targeted Ukrainian individuals. Subsequently, Chinese hackers employed the toolkit in widespread campaigns aimed at financial theft and cryptocurrency acquisition.

Former employees of L3Harris, speaking on condition of anonymity, have confirmed that ‘Coruna’ was developed within the company’s hacking and surveillance technology division, Trenchant. These insiders recognized ‘Coruna’ as an internal component name closely aligned with the company’s iPhone exploitation tools.

Researchers at mobile cybersecurity firm iVerify, upon scrutinizing ‘Coruna,’ suggested its origin could be traced back to a vendor that supplied such technology to the U.S. government. The intricate technical facets of ‘Coruna’ resonated with these experts, strengthening the hypothesis of its ties to L3Harris.

Source: TechCrunch