threat-intelligenceexploit-kitios
Detecting Coruna: New YARA Rules for the Nation-State iOS Exploit Kit Targeting Safari
•6 min read
ScanMalware adds 16 new YARA detection rules for Coruna (CryptoWaters), the nation-state-grade iOS exploit kit targeting Safari/WebKit on iOS 13-17.2.1. Our rules detect both specific IOCs and generic browser exploitation techniques including in-browser Mach-O parsing, ARM64 gadget scanning, and NaN-boxing type confusion.
Read more →