2023-06-09 17:59:24
Cybersecurity vendor Kaspersky has reported a new spyware attack on iPhones called “Operation Triangulation.”
Cybersecurity vendor Kaspersky has reported a new spyware attack on iOS devices. After detecting suspicious activity on iPhones, Kaspersky experts inspected the devices using the Mobile Verification Toolkit. The indicators discovered suggest that the iPhones have suffered a compromise. Kaspersky named this spyware campaign “Operation Triangulation”.
Spyware on iPhones: An Invisible and Sophisticated Threat
According to Kaspersky, spyware can infect iPhones without any user action. In fact, the user receives an invisible iMessage with a malicious attachment. This attachment contains the exploit that triggers a vulnerability.
Thus, the code executes whether or not the user interacts with the message. At this point, thethe software is downloading additional steps from a command and control (C&C) server. These steps install additional iOS exploits for privilege escalation.
Once the iPhone is compromised, a final payload is downloaded, incorporating an advanced persistent threat platform (PTA). Then the background activities are concealed when the initial message with the malicious attachment is deleted. This attack demonstrates the growing sophistication of spyware and its ability to infect iPhones without users realizing it. As a result, it is essential to be attentive and put in place appropriate security measures to protect once morest these threats.
Kaspersky Disclaimer
“We have not yet found an effective solution to remove spyware from infected iOS devices without losing user data, due to the blocking of updates specific to these devices,” explains Eugene Kaspersky, CEO of the cybersecurity firm, in a blog post. The only current solution is to factory reset infected iPhones. Then, reinstall the latest operating system and user environment from scratch. However, even following restarting, vulnerabilities in an outdated version of iOS can allow triangulation to re-infect devices.
Kaspersky says traces of infection date back to 2019, but the spyware continues to infect iPhones to this day. Fortunately, only iPhones running iOS 15.7 or earlier detected the attack. Also, according to data from Apple’s Developer Portal, over 80% of all iPhones run at least iOS 16.
Eugene Kaspersky points out that his company was not the main target of this cyberattack, for what it’s worth. However, the reasons behind the impact on so many devices using their products are still unknown. Additionally, the true extent of the spyware attack and the risks to the average iPhone user remain uncertain. In the meantime, keeping your iPhone’s operating system up to date is crucial to reduce the risk of compromise.
1686340130
#spyware #discovered #iMessage #protect
