How to protect iPhone from Coruna: quick checklist

• Update your iPhone to the latest iOS version immediately
• Turn on automatic iOS and security updates
• Enable Lockdown Mode if you can’t update or you’re high risk
• Avoid tapping unknown links in texts, emails, or pop-ups
• Harden Safari and clear website data
• Remove unknown configuration profiles and VPNs
• If you suspect infection: isolate, update, erase, and restore from a clean backup

What is Coruna and why it matters

Coruna is a highly engineered exploit kit that uses 23 different iOS weaknesses. It can start in several ways, including a tap on a malicious link or by visiting a compromised site. Unlike many targeted attacks, it does not always use one-time links. That means anyone on a vulnerable iPhone who lands on a bad page could get hit. Reports say criminals from different countries have used it since 2025. While the tool is advanced, it has one major limit: it works best against older iOS versions. If you keep your iPhone updated, your risk drops a lot.

Update and harden your iPhone

Step 1: Update iOS now

The fastest way to reduce risk is to install the latest iOS. Coruna is known to target iOS 13 through 17.2.1. Newer versions include fixes. To update: Settings > General > Software Update. Install any available updates, including rapid security responses if offered.

• Turn on automatic updates: Settings > General > Software Update > Automatic Updates, and enable both Download and Install
• Keep your apps updated too: App Store > profile icon > Update All

If you are asking how to protect iPhone from Coruna with one action, this is it. Patch first. Everything else adds layers on top.

Step 2: Enable Lockdown Mode (especially if you can’t update)

Lockdown Mode adds strong defenses against spyware. It limits risky features in messages, web browsing, and more. It can break some websites and media previews, but it is a smart trade-off if you can’t update or think you are a target.

• Turn it on: Settings > Privacy & Security > Lockdown Mode
• Use it at least until you can update and confirm your device is clean

Step 3: Harden Safari and clear website data

Because Coruna targets web browsing, tighten Safari’s settings and clean up stored data.

• Block pop-ups and turn on Fraudulent Website Warning: Settings > Safari
• Prevent cross-site tracking and limit cookies where possible
• Clear cache and website data: Settings > Safari > Clear History and Website Data
• Use Reader view on unknown sites to reduce active content when possible

Note: On iPhone, all browsers use the same web engine. Switching browsers does not remove the risk if your iOS is outdated. Update iOS first.

Step 4: Remove suspicious profiles and VPNs

Some attacks rely on device profiles or sketchy VPNs to keep control. Remove anything you do not recognize.

• Go to Settings > General > VPN & Device Management
• Delete unknown profiles, device management entries, or VPNs you didn’t install
• Restart your iPhone after making changes

Safer habits that block drive-by infections

Think before you tap

Many Coruna infections start with a click. Slow down when you see shortened links, urgent alerts, fake “captcha” pages, or surprise security warnings.

• Do not tap links from unknown senders in texts, email, or social posts
• Verify the site address before entering any password or payment details
• Type important site addresses yourself or use saved bookmarks

Filter unknown messages

Reduce exposure to junk messages that often carry malicious links.

• Settings > Messages > Filter Unknown Senders: turn it on
• Report junk in Messages and Mail to train the filters

Use strong sign-in protections

Spyware aims to steal account access. Even if a site gets compromised, strong account security limits damage.

• Turn on two-factor authentication for Apple ID and key apps (email, banks, crypto)
• Use unique passwords stored in iCloud Keychain or a trusted password manager
• Set up account alerts for sign-ins and transactions

What to do if you think you’re infected

Act fast: isolate, patch, and then reset

• Isolate: Turn on Airplane Mode to cut connections. If you need to update, reconnect to a trusted Wi‑Fi only for the update step.
• Update iOS immediately to the latest version. This can stop active exploitation.
• Back up: Make an encrypted backup via iCloud or a computer (Finder on Mac, iTunes on Windows).
• Erase: Settings > General > Transfer or Reset iPhone > Erase All Content and Settings.
• Restore: Choose a backup from before the suspected infection. If you are unsure when it started, set up as new and reinstall apps fresh.

Secure your accounts from a clean device

• From a separate, trusted device, change passwords for Apple ID, email, banking, and crypto
• Revoke old app passwords and sign out sessions you don’t recognize
• Turn on two-factor authentication wherever possible
• Contact your bank and enable high‑risk transaction alerts

Watch for lingering signs

After you restore, keep an eye on your device and accounts.

• Unexpected pop-ups, redirects, or crashes during browsing
• Unusual battery drain or data usage
• New apps, profiles, or VPNs you did not install

If issues return, consider repeating the erase-and-set-up-as-new path, then add apps slowly while monitoring. If you handle sensitive work or believe you are targeted, contact Apple Support or a trusted security professional and preserve evidence before wiping.

For businesses and high‑risk users

Set minimum iOS versions and enforce updates

• Use MDM to require the latest iOS and to block devices below a safe baseline
• Enable automatic updates and rapid security responses

Restrict risky features

• Default Lockdown Mode for executives, journalists, or staff in high‑risk regions
• Block unmanaged profiles and prevent installation of unknown VPNs
• Harden Safari via configuration: pop-up blocking, fraudulent site warnings, privacy limits

Prepare for incidents

• Have a playbook: isolate, update, collect logs where possible, wipe, and re‑enroll
• Train staff to avoid unknown links and report suspicious pages and pop-ups
• Monitor for unusual traffic and sign-in activity tied to mobile devices

Keep perspective: patching beats panic

Coruna is serious, but it mainly hits older, unpatched iPhones. Keep your device updated, use Lockdown Mode when needed, and follow safe browsing habits. These simple steps shut most doors attackers try to open. If you do nothing else today, update iOS and clear Safari data—it takes minutes and removes a big target.

Final thoughts

Learning how to protect iPhone from Coruna comes down to three moves: update iOS, enable Lockdown Mode when at risk, and avoid sketchy links. Add cleanup steps—remove unknown profiles, harden Safari, and reset if needed—and you cut the chance of spyware sticking. Stay patched, stay alert, and your iPhone stays yours.

(Source: https://nypost.com/2026/03/04/tech/mysterious-leaked-us-government-tool-is-breaking-into-iphones/)

For more news: Click Here

FAQ