SGGPO
Researchers at Kaspersky have discovered a mobile APT (Advanced Persistent Threat) campaign targeting iOS devices with previously undetected malware.
 |
| APT Campaign to iOS Devices via iMessage |
Dubbed “Operation Triangulation,” the campaign spreads zero-click exploits via iMessage to run malware that gains complete control over users’ devices and data, with the ultimate goal of secretly spying on users.
Kaspersky experts discovered this APT campaign while monitoring the network traffic of the company's Wi-Fi using Kaspersky Unified Monitoring and Analysis Platform (KUMA). After further analysis, researchers discovered that the threat actor had targeted the iOS devices of dozens of company employees.
The victim receives an iMessage message with an attachment containing a zero-click exploit. Without any interaction from the victim, the message triggers a vulnerability that results in code execution, escalating privileges and giving the infected device full control. Once the attacker has successfully established a presence on the device, the message is automatically deleted.
Not stopping there, the spyware quietly transmits personal information to remote servers, including audio recordings, photos from instant messaging apps, geolocation, and data about a number of other activities of the infected device owner.
“Our investigation into this operation continues, we hope to share more details about it soon, as there may be targets of this espionage activity outside of Kaspersky,” said Igor Kuznetsov, Head of EEMEA at Kaspersky’s Global Research and Analysis Team (GReAT).
Since many targeted attacks start with phishing or social engineering tactics, provide security awareness training and skills training to your company employees, such as Kaspersky Automated Security Awareness Platform.
Kaspersky researchers offer recommendations to help users avoid becoming victims of targeted attacks by known or unknown actors: For timely protection, investigation and response at the endpoint level, use a reliable enterprise security solution, such as Kaspersky Unified Monitoring and Analysis Platform (KUMA); Update Microsoft Windows operating systems and third-party software as soon as possible, and regularly; Provide access to the latest Threat Intelligence (TI) for SOC teams; Equip cybersecurity teams to tackle the latest targeted threats with Kaspersky's online training course, developed by experts at GreAT…
Source
![[Photo] Inside the Imperial Academy relic of Hue Citadel before the hundred billion dollar restoration](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/9/18/77fd186af68341b1a8bffd072fa896a6)
![[Photo] National Assembly Chairman Tran Thanh Man begins attending AIPA-46 activities](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/9/18/73487ff8ed57412eab9211273946c14d)
Comment (0)