iOS Triangulation: A New Cyberattack Threatening iOS Users

Kaspersky’s CEO recently revealed a new cyberattack against iOS devices called Triangulation. The attack has already infected several dozen iPhones, including those of Kaspersky employees.

The Triangulation Attack

Triangulation is a cyberattack that targets iOS devices, specifically iPhones. It begins with an iMessage containing a malicious attachment. Once the attachment is received, it exploits a number of vulnerabilities in the iOS system to install spyware on the device, all without requiring any user action.

The spyware then proceeds to transmit private information to remote servers. This includes:

a) Microphone recordings,

b)Photos from instant messengers,

c) Geolocation data,

d) Information about various other activities.

The extent of the data breach and the potential impact on users’ privacy is significant.

Kaspersky’s Response

Upon discovering the Triangulation attack, Kaspersky took swift action to neutralize the threat. The company’s business processes and user data remain unaffected, and operations are continuing as normal. Kaspersky is confident that it was not the main target of this cyberattack and anticipates further details on the worldwide proliferation of the spyware in the coming days.

Russia Accuses NSA of Attacks

In a statement that coincides with Kaspersky’s report, Russia’s FSB intelligence and security agency has accused Apple of deliberately providing the NSA with a backdoor to infect iPhones in Russia with spyware. The FSB claims to have discovered malware infections on thousands of Apple iPhones belonging to Russian government officials and staff from the embassies of Israel, China, and several NATO member nations in Russia. However, the FSB has not provided any proof to support these allegations.

The Russian state has previously recommended that all presidential administration employees and members switch from using Apple iPhones and, if possible, give up American-made technology entirely.

Kaspersky’s Findings and FSB’s Report

Kaspersky confirmed to BleepingComputer that the attack impacted its headquarters office in Moscow and employees in other countries. However, the company stated it is in no position to verify a link between its findings and the FSB’s report, as they do not have the technical details of the government’s investigation.

Despite this, Russia’s CERT released an alert linking the FSB’s statement to Kaspersky’s report on the Triangulation cyberattack.