Famous antivirus company Kaspersky has released a report on a new spyware attack targeting iOS devices. Security experts have provided information about the “Operation Triangulation” attack, which is carried out through a security vulnerability detected in the iOS operating system. Here’s what you need to know about the Operation Triangulation malware affecting iPhone users…
iPhone’s vulnerable to Operation Triangulation malware
According to the Kaspersky report, spyware can infect iPhones without the user having to do anything. Hackers send an invisible iMessage with malicious attachments to the iPhone user. This message then triggers a security vulnerability that allows code to be executed regardless of whether the user interacts with the message.
The malware starts downloading additional steps that exploit vulnerabilities in the iOS operating system for privilege escalation from a command and control (C&C) server. After the device is hacked, the malware also deletes the message sent with the attachment. All of these operations happen in the background, so users won’t notice any unusual activity on their devices.
Officials who commented on the issue explained, “Due to the features that block iOS updates on infected devices, we haven’t found an effective way to remove spyware without the user losing their data. This can only be done by resetting infected iPhones to factory settings, installing the latest version of the operating system and reloading all user data from scratch. Otherwise, even if the spyware is deleted from the device memory after restarting, it can re-infect the device through security vulnerabilities in an old version of iOS called Triangulation.”
Kaspersky noted that the oldest traces of infection date back to 2019, but emphasized that the spyware continues to affect iPhones to this day. It should be noted that the attack has so far only been detected on iPhones running iOS 15.7 or earlier versions.