" class="no-js "lang="en-US"> Kaspersky Reports New Mobile Advanced Persistent Threat (APT)
Monday, September 25, 2023

Breaking News

Visa Partners with UK Government and Top UK Universities to Power the Next Generation of AI Talent ING Americas makes key leadership appointments in its Sectors and Capital Markets and Advisory Teams Nottingham Building Society enhances broker support with increased procuration fee and new residential products Shift4 Partners with Give Lively to Offer Powerful Fundraising Solution to Nonprofits SmartStream appoints Akber Jaffer as Chief Executive Officer Check out the Rockstar Speakers joining the 5th edition of The Fintech Talents Festival Metro Bank Has Signed Up to The Race at Work Charter Veridas Joins Security Industry Association (SIA) to Drive Continued Collaboration within Security Industry Wolters Kluwer Identifies How Financial Technology Brings Clarity for ESG Reporting Challenges EXCLUSIVE: “The stealth approach to transformation” – Kunal Galav, Mambu and Akhilesh Khera, PwC in ‘The Fintech Magazine’ Financial wellbeing startup Mintago closes $4.75m funding round British Business Bank Supports More Than £12.4 Billion of Finance Through Its Core Programmes and Meets Its Objectives, but Reports a Loss for 2022/23 Due to Falls in Market Valuations Backbase enters into strategic partnership with FrankieOne to provide financial institutions in Australia and New Zealand with safer and simpler digital onboarding Dawn Capital raises $700m to invest in the next generation of European B2B software winners The Financial Conduct Authority (FCA) and Prudential Regulation Authority (PRA) Propose Measures to Boost Diversity and Inclusion in Financial Services

Kaspersky Reports on New Mobile Advanced Persistent Threat (APT) Campaign Targeting iOS Devices

Kaspersky researchers have uncovered an ongoing mobile Advanced Persistent Threat (APT) campaign targeting iOS devices with previously unknown malware. Dubbed as ‘Operation Triangulation’, the campaign distributes zero-click exploits via iMessage to run malware gaining complete control over the device and user data, with the final goal to hiddenly spy on users.

The investigation of the attack technique is still ongoing, but so far Kaspersky researchers were able to identify the general infection sequence. The victim received a message via iMessage with an attachment containing a zero-click exploit. Without any further interaction, the message triggered a vulnerability that led to code execution for privilege escalation and provided full control over the infected device. Once the attacker successfully established its presence in the device, the message was automatically deleted.

Further, the spyware quietly transmitted private information to remote servers: including microphone recordings, photos from instant messengers, geolocation and data about a number of other activities of the owner of the infected device.

During the analysis, it was confirmed that there was no impact on the company’s products, technologies and services, and no Kaspersky customer user data or critical company processes were affected. The attackers could only access data stored on the infected devices. Although not certain, it is believed that the attack was not targeted specifically at Kaspersky – the company’s just first to discover it. The following days will likely bring more clarity about the global exposure of this cyberattack.

“When it comes to cybersecurity, even the most secure operating systems can be compromised. As APT actors are constantly evolving their tactics and searching for new weaknesses to exploit, businesses must prioritise security of their systems. This involves prioritising employee education and awareness, and providing them with the latest threat intelligence and tools to effectively recognise and defend against potential threats,” commented Igor Kuznetsov, head of the EEMEA unit at Kaspersky Global Research and Analysis Team (GReAT). “Our investigation of the Triangulation operation continues. We expect further details on it to be shared soon, as there can be targets of this spy operation outside Kaspersky.”

People In This Post

Companies In This Post

  1. Visa Partners with UK Government and Top UK Universities to Power the Next Generation of AI Talent Read more
  2. ING Americas makes key leadership appointments in its Sectors and Capital Markets and Advisory Teams Read more
  3. Nottingham Building Society enhances broker support with increased procuration fee and new residential products Read more
  4. Shift4 Partners with Give Lively to Offer Powerful Fundraising Solution to Nonprofits Read more
  5. SmartStream appoints Akber Jaffer as Chief Executive Officer Read more