Cororna iOS Exploit Kit Linked to Updated Operation Triangulation
iOS Exploit Kit Coruna: An Updated Version of Operation Triangulation Framework
Kaspersky has discovered a sophisticated iOS exploit kit called Coruna, which appears to be an updated version of the framework used in the infamous Operation Triangulation campaign three years ago.
- The Coruna exploit kit targets 23 vulnerabilities in iOS, including CVE-2023-32434 and CVE-2023-38606, two kernel bugs exploited in Operation Triangulation as zero-days.
- A fresh Kaspersky report reveals that Coruna utilizes an updated version of the previously identified kernel exploit, which demonstrates accuracy in version checking and includes checks for newer iOS iterations and Apple processors.
Key Findings:
The research highlights several significant connections to the older framework, including:
- Code similarities with other components of the kit and reuse of the same exploitation framework as Operation Triangulation.
- The framework’s modular design and ease of reuse making it a prime target for other threat actors.
Impact and Recommendations:
The discovery highlights the ongoing threat posed by sophisticated exploit kits like Coruna, which continue to evolve and adapt to changing technology. As researchers warn, the framework’s potential reuse by other threat actors underscores the need for continued vigilance and prompt patching of vulnerabilities to prevent exploitation.
Conclusion:
As the threat landscape continues to evolve, it is crucial for security professionals to remain proactive and anticipate potential threats. By staying informed and taking necessary precautions, individuals and organizations can better protect themselves against sophisticated exploit kits like Coruna.
About Author
English