Dubbed 'Operation Triangulation', the campaign spreads a zero-click exploit via iMessage to run malware that gains complete control over a user's device and data, with the ultimate goal of secretly spying on users.
A campaign to attack iOS device users has just been discovered
Kaspersky experts discovered this APT campaign while monitoring the network traffic of the company's Wi-Fi using the Kaspersky Unified Monitoring and Analysis Platform (KUMA). After further analysis, the researchers discovered that the threat actor had targeted the iOS devices of dozens of company employees.
The investigation into the attack technique is still ongoing, but Kaspersky researchers were able to identify the general infection sequence. The victim receives an iMessage message with an attachment containing a zero-click exploit. Without any interaction from the victim, the message triggers a vulnerability that leads to code execution to escalate privileges and provide full control over the infected device. Once the attacker has successfully established their presence on the device, the message is automatically deleted.
Not stopping there, the spyware quietly transmits personal information to remote servers, including audio recordings, photos from instant messaging apps, geolocation, and data about a number of other activities of the infected device owner.
During the analysis, Kaspersky experts confirmed that there was no impact on the company's products, technologies, and services, nor did any Kaspersky customer data or critical company processes get affected. The attackers were only able to access data stored on infected devices. Kaspersky was the first company to detect this attack, but it is unlikely to be the only target.
“When it comes to cybersecurity, even the most secure operating systems can be compromised. As APT attackers are constantly evolving their tactics and looking for new weaknesses to exploit, businesses must prioritize the security of their systems. This involves prioritizing employee education and awareness , while providing them with the latest threat intelligence and tools to effectively identify and protect against potential threats,” commented Igor Kuznetsov, Head of EEMEA at Kaspersky’s Global Research and Analysis Team (GReAT).
Source link
Comment (0)