VERY IMPORTANT

The intelligence details indicators of compromise for the Coruna iOS iPhone web malware exploitation kit. It provides MD5, SHA-1, and SHA-256 hashes for detected JavaScript payloads. The analysis lists numerous active domains serving the malware, including specific URLs delivering client-side exploits. The campaign involves a wide network of malicious domains and URLs targeting iOS devices. The extensive list of compromised and malicious infrastructure demonstrates the scale of this exploitation kit's operations, highlighting the ongoing threat to iPhone users through web-based attacks.