Tencent Cloud Security Team captured a sample of the complete attack chain of an iOS vulnerability.

On April 16th, the Tencent Cloud Security Team captured a complete attack chain sample of an iOS vulnerability and discovered a modular malicious software framework called Plasma running on top of the iOS advanced vulnerability exploitation tool package Coruna. The operation group behind Plasma has a core goal of stealing cryptocurrencies on a large scale, with 24 functional plugins covering 19 mainstream wallets. The attacks have had a global impact, affecting an estimated hundreds of thousands of devices. The Tencent Cloud Security Team stated that advanced vulnerability exploitation tool packages for iOS are increasingly being used in real-world attacks, and it can be expected that there are still many similar yet undisclosed attack tools being active in the wild. Therefore, it is recommended that all iPhone users immediately check and update to the latest available iOS version, as this is the most direct and effective measure to prevent such attacks.