Government Spyware Now Accessible to Cybercriminals

### Summary - Elite [[spyware]] tools once used exclusively by governments are now proliferating to [[cybercriminals]], posing risks to everyday [[iPhone]] users via [[zero-click exploits]]. - [[Coruna]], developed by [[L3Harris]] for a government customer, is deployed by [[Chinese cybercriminal group]] on fake crypto platforms infecting [[iOS]] devices without user interaction. - [[DarkSword]], linked to a [[Russian-based hacking group]], uses [[watering hole attacks]] on [[Ukrainian]] news and government sites to steal data from [[iMessage]], [[WhatsApp]], [[Telegram]], location, contacts, call histories, and more. - Security researchers at [[iVerify]], [[Lookout]], and [[Google]] highlight the reusable nature of these [[mobile exploitation]] kits. - [[Apple]] has issued [[iOS]] patches, emergency updates, and [[Safari]] domain blocks to counter the threats. ### Short Analysis - The spread of advanced [[cyber tools]] from state-level to criminal actors significantly expands the threat surface, making sophisticated data exfiltration accessible beyond traditional [[intelligence operations]]. This development implies increased [[cybercrime]] incidents targeting consumer devices, necessitating heightened vigilance and rapid patching across global [[iPhone]] ecosystems. Narratively, coverage frames it as a universal problem to drive user updates while illustrating the challenges of containing dual-use [[surveillance technologies]]. It matters because it accelerates the evolution of the [[cyber domain]] as a contested space where commercial availability blurs lines between espionage and crime, with no evident geopolitical bias in reporting. ### Extracted Entities - [[Spyware]], [[Coruna]], [[DarkSword]], [[L3Harris]], [[iPhone]], [[iOS]], [[Apple]], [[iVerify]], [[Lookout]], [[Google]], [[China]], [[Russia]], [[Ukraine]], [[Zero-Click Exploit]], [[Watering Hole Attack]], [[Cybercriminals]], [[Mobile Exploitation]], [[Safari]], [[iMessage]], [[WhatsApp]], [[Telegram]], [[Cyber Domain]], [[Digital Privacy]], [[Intelligence Operations]]