SGGPO
Researchers at Kaspersky have discovered a mobile APT (Advanced Persistent Threat) campaign targeting iOS devices with previously unseen malware.
 |
| APT Campaign to iOS Devices via iMessage |
Dubbed “Operation Triangulation,” the campaign spreads zero-click exploits via iMessage to run malware that gains complete control over users’ devices and data, with the ultimate goal of secretly spying on users.
Kaspersky experts discovered this APT campaign while monitoring the network traffic of the company's Wi-Fi using the Kaspersky Unified Monitoring and Analysis Platform (KUMA). After further analysis, the researchers discovered that the threat actor had targeted the iOS devices of dozens of company employees.
The victim receives an iMessage message with an attachment containing a zero-click exploit. Without any interaction from the victim, the message triggers a vulnerability that results in code execution to escalate privileges and provide full control of the infected device. Once the attacker successfully establishes their presence on the device, the message is automatically deleted.
Not stopping there, the spyware quietly transmits personal information to remote servers, including audio recordings, photos from instant messaging apps, geolocation, and data about a number of other activities of the infected device owner.
“Our investigation into this operation continues, and we hope to share more details about it soon, as there may have been targets of this espionage activity outside of Kaspersky,” said Igor Kuznetsov, Head of EEMEA at Kaspersky’s Global Research and Analysis Team (GReAT).
Since many targeted attacks start with phishing or social engineering tactics, provide security awareness training and skills training to your company employees, such as Kaspersky Automated Security Awareness Platform.
Kaspersky researchers offer recommendations to help users avoid becoming victims of targeted attacks by known or unknown actors: For timely protection, investigation and response at the endpoint level, use a reliable enterprise security solution, such as Kaspersky Unified Monitoring and Analysis Platform (KUMA); Update Microsoft Windows operating systems and third-party software as soon as possible, and do so regularly; Provide access to the latest Threat Intelligence (TI) for SOC teams; Equip cybersecurity teams to tackle the latest targeted threats with Kaspersky’s online training course, developed by experts at GreAT…
Source
Comment (0)