Slashdot

News for nerds, stuff that matters

A Possible US Government iPhone-Hacking Toolkit Is Now In the Hands of Foreign Spies, Criminals

Security researchers say a highly sophisticated iPhone exploitation toolkit dubbed "Coruna," which possibly originated from a U.S. government contractor, has spread from suspected Russian espionage operations to crypto-stealing criminal campaigns. Apple has patched the exploited vulnerabilities in newer iOS versions, but tens of thousands of devices may have already been compromised. An anonymous reader quotes an excerpt from Wired's report: Security researchers at Google on Tuesday released a report describing what they're calling "Coruna," a highly sophisticated iPhone hacking toolkit that includes five complete hacking techniques capable of bypassing all the defenses of an iPhone to silently install malware on a device when it visits a website containing the exploitation code. In total, Coruna takes advantage of 23 distinct vulnerabilities in iOS, a rare collection of hacking components that suggests it was created by a well-resourced, likely state-sponsored group of hackers.

In fact, Google traces components of Coruna to hacking techniques it spotted in use in February of last year and attributed to what it describes only as a "customer of a surveillance company." Then, five months later, Google says a more complete version of Coruna reappeared in what appears to have been an espionage campaign carried out by a suspected Russian spy group, which hid the hacking code in a common visitor-counting component of Ukrainian websites. Finally, Google spotted Coruna in use yet again in what seems to have been a purely profit-focused hacking campaign, infecting Chinese-language crypto and gambling sites to deliver malware that steals victims cryptocurrency.

Conspicuously absent from Google's report is any mention of who the original surveillance company "customer" that deployed Coruna may have been. But the mobile security company iVerify, which also analyzed a version of Coruna it obtained from one of the infected Chinese sites, suggests the code may well have started life as a hacking kit built for or purchased by the US government. Google and iVerify both note that Coruna contains multiple components previously used in a hacking operation known as "Triangulation" that was discovered targeting Russian cybersecurity firm Kaspersky in 2023, which the Russian government claimed was the work of the NSA. (The US government didn't respond to Russia's claim.)

Coruna's code also appears to have been originally written by English-speaking coders, notes iVerify's cofounder Rocky Cole. "It's highly sophisticated, took millions of dollars to develop, and it bears the hallmarks of other modules that have been publicly attributed to the US government," Cole tells WIRED. "This is the first example we've seen of very likely US government tools -- based on what the code is telling us -- spinning out of control and being used by both our adversaries and cybercriminal groups." Regardless of Coruna's origin, Google warns that a highly valuable and rare hacking toolkit appears to have traveled through a series of unlikely hands, and now exists in the wild where it could still be adopted -- or adapted -- by any hacker group seeking to target iPhone users. "How this proliferation occurred is unclear, but suggests an active market for 'second hand' zero-day exploits," Google's report reads. "Beyond these identified exploits, multiple threat actors have now acquired advanced exploitation techniques that can be re-used and modified with newly identified vulnerabilities."

Read more of this story at Slashdot.

OpenAI Is Developing an Alternative To GitHub

OpenAI is reportedly developing a code-hosting platform that could compete with GitHub, The Information reported on Tuesday. "If OpenAI does sell the product, it would mark a bold move by the creator of ChatGPT to compete directly against Microsoft, which holds a significant stake in the firm," notes Reuters. From the report: Engineers from OpenAI encountered a rise in service disruptions that rendered GitHub unavailable in recent months, which ultimately prompted the decision to develop the new product, the report said. The OpenAI project is in its early stages and likely will not be completed for months, according to The Information. Employees working on it have considered making the code repository available for purchase to OpenAI's customer base.

Read more of this story at Slashdot.

VK: Voorpagina

Volkskrant.nl biedt het laatste nieuws, opinie en achtergronden

Een ode aan de microbe: fermenteren is leuk, lekker en gezond

Ik ken tandartsen met Porsches die zichzelf ‘middenklasse’ vinden. Ze zijn het alleen niet

Amerikaanse handelsminister gaat getuigen voor Epstein-commissie Congres

Henry Moore, Reclining Figure

Thomas Hawk posted a photo:

Henry Moore, Reclining Figure

Redford High School, Detroit, MI

Thomas Hawk posted a photo:

Redford High School, Detroit, MI

Redford High School was a secondary school in Detroit, Michigan. A part of Detroit Public Schools, the school opened in September 1921 and ceased operations in June 2007. it was demolished shortly after these photos were taken in 2012.

Spiraling Down

Greg Adams Photography posted a photo:

Spiraling Down

London Transport Museum

Plum

lioil has added a photo to the pool:

Plum

Sagamihara-Kita Park, Kanagawa, Japan

The Guardian

Latest news, sport, business, comment, analysis and reviews from the Guardian, the world's leading liberal voice

Middle East crisis live: US says nearly 2,000 targets hit in Iran war; Trump says navy may escort tankers through Strait of Hormuz

US military says strikes in the first 24 hours was nearly double the scale of the 2003 ‘shock-and-awe’ operation in Iraq; US president orders insurance to be provided for shipping in crucial waterway

The UK foreign office has said that British nationals, their partners and children under 18 are eligible to travel on a chartered flight from Muscat on Wednesday, as long as they have a valid travel document.

The foreign office said priority will be given to the most vulnerable and they will contact British nationals in Oman. Anyone who registered their presence in the United Arab Emirates and are now in Oman is asked to register for a place on a flight.

Continue reading...