Back

Coruna Exploit Kit Linked to Operation Triangulation Framework

Severity: High (Score: 70.5)

Sources: Securityaffairs.Co, Kaspersky

Summary

Kaspersky's Global Research and Analysis Team has identified the Coruna exploit kit as an updated version of the Operation Triangulation framework used in a 2023 cyber-espionage campaign. The analysis revealed that one of the five kernel exploits in Coruna is an updated version of a kernel exploit discovered in the original campaign, suggesting a direct link between the two. The remaining four exploits are built on the same framework, indicating that Coruna is a continuously maintained evolution of Triangulation. The kit includes support for Apple's latest processors and checks for recent iOS versions, highlighting the developers' ongoing efforts to adapt the exploit for current systems. Kaspersky urges all iPhone users to install the latest iOS updates, as the vulnerabilities exploited by Coruna have been patched by Apple. However, unpatched devices remain at risk. The original Operation Triangulation campaign targeted iOS devices of Kaspersky employees and exploited four zero-day vulnerabilities affecting a wide range of Apple products. Key Points: • Coruna exploit kit is an updated version of the Operation Triangulation framework. • One kernel exploit in Coruna is a direct update of a 2023 exploit from Triangulation. • Kaspersky advises immediate iOS updates to mitigate risks from unpatched vulnerabilities.

Key Entities

  • Zero-day Exploit (attack_type)
  • Operation Triangulation (campaign)
  • Apple (company)
  • Kaspersky (company)
  • Russia (country)
  • securelist.com (domain)
  • Coruna (malware)
  • IOS (platform)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed