An iPhone-hacking toolkit used by Russian spies likely came from U.S. contractor
9 hours ago
- #iPhone Hacking
- #Espionage
- #Cybersecurity
- Mass hacking campaign targets iPhone users in Ukraine and China using tools likely designed by U.S. military contractor L3Harris.
- The hacking toolkit, 'Coruna,' was originally developed for Western spies but ended up with Russian government hackers and Chinese cybercriminals.
- Google revealed the toolkit was used in global attacks, including by Russian spies against Ukrainians and Chinese cybercriminals for financial theft.
- Researchers believe Coruna may have been built by a company selling to the U.S. government, with evidence pointing to L3Harris's Trenchant division.
- Former L3Harris employees confirmed Coruna was an internal component, with technical details matching Google's findings.
- L3Harris sells Trenchant tools exclusively to the U.S. government and Five Eyes allies, suggesting Coruna may have leaked from these agencies.
- A former Trenchant employee, Peter Williams, stole and sold hacking tools to Russian broker Operation Zero, leading to their misuse.
- Operation Zero, linked to Russian government and cybercriminals, may have resold Coruna to Chinese hackers.
- Coruna exploits, Photon and Gallium, were used in 'Operation Triangulation,' a sophisticated hacking campaign against Russian iPhone users.
- Kaspersky researchers could not definitively attribute Operation Triangulation but noted similarities with U.S. tools and bird-named exploits linked to Trenchant.
- Cybersecurity journalist Patrick Gray suggested Williams' leaks may have included the Triangulation hacking kit.