A recent cyberattack has shed light on a concerning vulnerability in iOS devices, specifically targeting iPhones. Digital security firm Kaspersky has uncovered an operation dubbed “Operation Triangulation,” in which hackers were able to infect iPhones with spyware through an “invisible iMessage with a malicious attachment.” What makes this exploit particularly alarming is that it can be activated without any user interaction, making it a “zero-click” exploit.
Once the spyware, known as Triangulation, was installed on the devices, it had the capability to gather sensitive information from the infected iPhones. This included audio recordings, photos, geolocation data, and more, which was then transmitted to remote servers. The most troubling aspect is that the user remains completely unaware of the infection, as there are no noticeable signs or indicators of compromise.
Kaspersky further elaborates on the technical aspects, stating that the exploit successfully targeted iPhones running iOS 15.7, the latest version at the time. However, an Apple representative clarified that there is no evidence to suggest that the exploits work on iOS versions later than 15.7. Apple had addressed one of the vulnerabilities, known as CVE-2022-46690, in iOS 16.2, according to their security notes.
To detect the presence of Triangulation, Kaspersky relied on its Unified Monitoring and Analysis Platform. However, due to the closed nature of iOS, there are currently no standard operating system tools available to detect or remove this spyware from infected devices. One indirect indication of a Triangulation infection could be if the ability to update iOS has been disabled on the iPhone.
In response to the threat, Kaspersky has developed a free utility called “triangle_check” that allows users to scan their iPhone backups for signs of Triangulation. The utility is available for Mac, Linux, and Windows users, although it should be noted that it is a Python package and not a typical Mac application. Mac users will need to utilize macOS’s Terminal app and install the pip utility to use Kaspersky’s tool effectively.
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
CashApp us
Venmo us
Paypal us
While iPhone viruses and malware are relatively rare, this incident serves as a reminder that no device is completely invulnerable to security risks. Apple strongly encourages users to update their devices to the latest supported version of iOS to ensure that they have the most up-to-date security patches installed. It is crucial to stay informed about iPhone security and take necessary precautions to protect personal data and devices. For more information on iPhones and viruses, as well as steps to remove a virus from an iPhone or iPad, refer to our comprehensive guide.
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
CashApp us
Venmo us
Paypal us
