ClickCease Kaspersky warns of "Operation Triangulation" iMessage attack

Join Our Popular Newsletter

Join 4,500+ Linux & Open Source Professionals!

2x a month. No spam.

Kaspersky warns of “Operation Triangulation” iMessage attack

June 13, 2023 - TuxCare PR Team

Kaspersky has warned about an ongoing attack called Operation Triangulation on Apple’s iMessage. The attacks, which started in 2019, are utilizing a zero-click, zero-day vulnerability which enables code execution and privilege escalation, with spyware being installed through a malicious iMessage attachment.

Through the Kaspersky Unified Monitoring and Analysis Platform (KUMA), the researchers discovered that the campaign possesses the capability to infiltrate devices without any user interaction. The vulnerability is triggered simply by receiving a malicious iMessage containing an attachment housing the exploit. It then exfiltrates private data, including microphone recordings, instant messenger photos, geolocation information, and other sensitive activities, to remote servers.

To investigate compromised iPhones, the researchers utilized a mobile verification toolkit and created offline backups, which enabled them to determine the presence of compromise. Further analysis revealed that the breach’s final payload was downloaded from a sophisticated advanced persistent threat (APT) platform. Although the exact nature of this payload is yet to be confirmed, it operates with root privileges and executes a series of commands to collect system and user information.

Mitigating this exploit appears relatively straightforward, as Kaspersky researchers have not encountered any compromised devices running iOS versions later than 15.7. This suggests that the vulnerability being exploited may have been addressed and patched in subsequent iOS updates.

The Russian Federal Security Service (FSB) has confirmed that both Russian citizens and diplomats have fallen victim to this vulnerability. Furthermore, the FSB has accused Apple and the United States National Security Agency (NSA) of orchestrating the attacks, an allegation that Apple vehemently denies.

The sources for this piece include an article in Forbes.

Summary
Kaspersky warns of "Operation Triangulation" iMessage attack
Article Name
Kaspersky warns of "Operation Triangulation" iMessage attack
Description
Kaspersky has warned about an ongoing attack called Operation Triangulation on Apple's iMessage. The attacks started in 2019.
Author
Publisher Name
TuxCare
Publisher Logo

Looking to automate vulnerability patching without kernel reboots, system downtime, or scheduled maintenance windows?

Learn About Live Patching with TuxCare

Become a TuxCare Guest Writer

Get started

Mail

Join

4,500

Linux & Open Source
Professionals!

Subscribe to
our newsletter