A new state-level IOS exploit kit (used by certain states), named Coruna, endangers iPhone users and their cryptocurrency.
Explanation 🫧
What is Coruna?
Is a tool initially developed for surveillance by certain governments. It exploits zero-day iOS vulnerabilities from iOS 13 to iOS 17.2.1 and is now used by cybercriminals to steal cryptos.
How are your cryptos in danger?
• You are visiting a compromised website.
• Coruna exploits iOS vulnerabilities to take control of your iPhone.
• It can access your wallets (Metamask, Base etc..)
• It can also steal your seed phrase and password stored in Notes or photos.
Results: Your cryptos disappear in seconds. Even after refreshing 10 times they will not come back 😹😹(I know this is the reaction everyone will have if this happens 🤣).
Why is this risk huge?
Charles Guillemet, CTO of #Ledger compares coruna to #EternalBlue, the Windows exploit that fueled #WannaCry
• Even cautious users are not safe if their keys are on the iPhone.
• Tens of thousands of iPhone users have already been affected, and millions remain vulnerable.
How to protect yourself?
• Always update iOS to fix vulnerabilities. #Apple fixes some vulnerabilities in the updates.
• Never put your seed phrases on your phone. We may sing this phrase every day but where the unlucky one falls, they will see 😹.
• Use if you have the opportunity of Cold wallets.
• Be cautious of websites visited and links with suspicious aspects. I know that many like to directly enter sites as soon as they see the phrase " This crypto will make a x100 buy now " or " in 2025 you missed Hyperliquid in 2026 don't miss this crypto " Always take the time to verify the URL before clicking on it because a fake site cannot have the same URL as the verified site Example verified site Binance.com malicious site: Biinance.com you will notice the "ii" present on the malicious site?
Conclusion
If you use an iPhone iOS you are exposed. Remember to make updates.
