SGGPO
Researchers at Kaspersky have discovered an Advanced Persistent Threat (APT) cyberattack campaign targeting iOS devices with previously undetected malware on mobile platforms.
 |
| The APT campaign targets iOS devices via iMessage. |
Dubbed “Operation Triangulation,” this campaign distributes zero-click exploits via iMessage to run malware that gains complete control over users’ devices and data, with the ultimate goal of secretly tracking users.
Kaspersky experts discovered this APT campaign while monitoring company Wi-Fi network traffic using Kaspersky's Unified Monitoring and Analysis Platform (KUMA). After further analysis, researchers found that the threat actor had targeted the iOS devices of dozens of company employees.
The victim receives a message via iMessage with an attachment containing a zero-click exploit. Without requiring any interaction from the victim, the message triggers a vulnerability that leads to code execution to escalate privileges and gain full control of the infected device. Once the attacker successfully establishes their presence on the device, the message is automatically deleted.
Furthermore, the spyware silently transmits personal information to remote servers, including audio recordings, photos from instant messaging apps, geolocation data, and other activity data of the infected device owner.
Igor Kuznetsov, Head of the EEMEA unit at Kaspersky's Global Research and Analysis Team (GReAT), stated: “Our investigation into this activity continues, and we expect to share more details soon, as there may be targets of this espionage activity outside of Kaspersky.”
Because many targeted attacks begin with phishing or social engineering tactics, provide security awareness training and guidance on essential skills for company employees, such as the Kaspersky Automated Security Awareness Platform.
Kaspersky researchers offer recommendations to help users avoid becoming victims of targeted attacks by known or unknown actors: For timely protection, investigation, and response at the endpoint level, use a trusted enterprise security solution, such as Kaspersky Unified Monitoring and Analysis Platform (KUMA); Update Microsoft Windows operating systems and third-party software as soon as possible, and do so regularly; Provide SOC teams with access to the latest Threat Intelligence (TI) data; Equip cybersecurity teams with the skills to address the latest targeted threats through Kaspersky's online training, developed by experts at GreAT…
Source
![[Photo] Prime Minister Pham Minh Chinh attends the Conference on the Implementation of Tasks for 2026 of the Industry and Trade Sector](/_next/image?url=https%3A%2F%2Fvphoto.vietnam.vn%2Fthumb%2F1200x675%2Fvietnam%2Fresource%2FIMAGE%2F2025%2F12%2F19%2F1766159500458_ndo_br_shared31-jpg.webp&w=3840&q=75)
Comment (0)