Researchers at Kaspersky have discovered that a mobile APT (Advanced Persistent Threat) campaign is targeting iOS devices with previously undetected malware.
Called ‘Operation Triangulation’, the campaign spreads a zero-click exploit via iMessage to run malware that takes complete control over devices and user data, with the goal of The ultimate goal is to secretly tracking the user
Kaspersky experts discovered this APT campaign while monitoring corporate Wi-Fi network traffic using Kaspersky Unified Monitoring and Analysis Platform (KUMA). After further analysis, the researchers discovered that the threat agent had targeted the iOS devices of dozens of company employees.
The attack technique investigation is still ongoing, but Kaspersky researchers were able to determine the general infection sequence. Victims receive a message via iMessage with an attachment containing a zero-click exploit. Without interaction from the victim, the message triggers a vulnerability that leads to code execution to escalate privileges and provide full control over the infected device. After the attacker successfully establishes their presence on the device, the message is automatically deleted.
Not stopping there, the spyware quietly transmits personal information to remote servers, including audio recordings, photos from instant messaging apps, geolocation, and data about certain activities. another by the owner of the infected device.
During the analysis, Kaspersky experts confirmed that there was no impact on the company’s products, technologies, and services, and no Kaspersky customer data or critical company processes were compromised. affect. Attackers can only access data stored on infected devices. Kaspersky was the first company to detect this attack, but it probably won’t be the only target.
Igor Kuznetsov, Head of the EEMEA Unit in the Global Research and Analysis Team Kaspersky’s head (GReAT) commented: “When it comes to cybersecurity, even the most secure operating systems can be compromised. As APT attackers are constantly evolving their tactics and finding Looking for new vulnerabilities to exploit, businesses must prioritize the security of their systems, which involves prioritizing employee education and awareness and providing them with information. threat intelligence and the latest tools to effectively identify and protect against potential threats”.