iPhone Alert: Google Exposes Sophisticated iOS Crypto Phishing Kit "Coruna" in 2026
- What Is the Coruna iOS Exploit Kit?
- How Does Coruna Target iPhone Users?
- How to Protect Your iPhone from Coruna
- Why Is Coruna a Game-Changer for Crypto Security?
- FAQ: Your Coruna Questions Answered
Google’s Threat Intelligence Group (GTIG) has uncovered "Coruna," a highly advanced iOS exploit kit targeting iPhone users (versions 13.0 to 17.2.1) through crypto phishing scams. The kit steals wallet recovery phrases and passwords via malicious websites, often disguised as crypto platforms. Apple has patched some vulnerabilities, but outdated devices remain at risk. Protect yourself by updating iOS, enabling Lockdown Mode, and avoiding suspicious links. --- ###
What Is the Coruna iOS Exploit Kit?
In February 2026, Google revealed Coruna, a state-sponsored-grade toolkit designed to compromise iPhones through fake crypto websites. The kit uses JavaScript to identify devices and deliver tailored exploits, draining victims’ crypto wallets within seconds. Coruna’s origins are murky, but GTIG noted similarities to tools linked to Chinese and Ukrainian cybercriminal groups. Apple has since released patches, but unupdated devices are still vulnerable.
How Does Coruna Target iPhone Users?
The attack unfolds in two stages: 1. Baiting : Victims click links to fake crypto sites (e.g., mimicking Coinbase or Binance). 2. Exploitation : Coruna’s script detects the iOS version and deploys zero-day exploits to extract sensitive data. GTIG found Coruna embedded in phishing campaigns targeting high-net-worth crypto holders. One victim lost $250,000 in bitcoin after visiting a compromised "airdrops" page. *Yikes.*
How to Protect Your iPhone from Coruna
- Update iOS : Apple’s patches (iOS 17.3+) block known Coruna exploits. - Enable Lockdown Mode : This feature restricts risky web functions. - Use Hardware Wallets : Store crypto offline (e.g., Ledger, Trezor). - Verify URLs : Double-check site authenticity—scammers love typos like "Binannce.com."
*Pro tip:* Bookmark legit crypto sites to avoid mistyped URLs. --- ###Why Is Coruna a Game-Changer for Crypto Security?
Coruna’s sophistication signals a shift toward *targeted* crypto phishing. Unlike generic scams, it exploits iOS vulnerabilities directly, making it harder to detect. Google’s disclosure highlights the need for cross-industry collaboration—Apple and exchanges like BTCC now share threat data to preempt attacks.
FAQ: Your Coruna Questions Answered
Is my iPhone at risk if it’s updated?
No—devices running iOS 17.3+ are safe. Check your version in Settings > General > About.
Can Coruna steal from MetaMask or Trust Wallet?
Yes, if you enter recovery phrases on fake sites. Always use official apps.
Did Google blame Apple for the漏洞?
Nope. Google praised Apple’s quick patch rollout but urged users to update ASAP.
