Kaspersky said there were a number of hackers who targeted a number of iPhones belonging to their employees by using unknown malware.
According to Kaspersky, these hackers work for certain governments and operate by infiltrating malware into iPhones. Kaspersky admits that it is still analyzing this cyber attack and has published the interim findings.
This malware is infiltrated using a zero click loophole via an attachment on iMessage. Horrifyingly, the process of infiltrating this malware only takes one to three minutes. Wow!
Kaspersky spokesperson Sawyer van Horn said that the loophole used for this malware was actually known and had been patched by Apple in December 2022. However, it might have been exploited long before it was patched.
“But there really is no clear indication that the same loophole has previously been exploited, this is very likely to happen,” he said, as quoted by us from Techcrunch, Sunday (4/6/2023).
Kaspersky researchers became aware of this attack after they noticed suspicious activity emanating from a number of iPhones, which occurred while they were monitoring the company's WiFi network. Oh yes, this incident was first discovered in early 2023, and only now has it been made public.
Kaspersky named this cyber attack against its employees as 'Operation Triangulation'. To investigate the attack, they created an offline backup of the victim's iPhone and inspected it using Amnesty International's Mobile Verification Toolkit (MVT) software.
This MVT was made to find traces of hacking on cellphones, and from the results of this research, traces of hacking have existed since 2019 and are continuing to this day. The latest iOS that was successfully compromised is iOS 15.7.
Apart from Kaspersky, there is also the Russian Computer Emergency Response Team (CERT) which is sharing information about this cyber attack. The government-owned agency also publishes a number of domains which are also mentioned by Kaspersky.
Interestingly, there was also a separate statement from the Federal Security Service (FSB), Russia's intelligence agency, regarding the attack. The FSB accuses US intelligence, namely the NSA, of hacking thousands of iPhones to spy on Russian diplomats.
The FSB accuses Apple of cooperating with American intelligence in this hack. However, the FSB did not mention any evidence to substantiate this accusation.
The FSB's description of this attack is similar to what Kaspersky wrote in his report. However it is not known whether these were the same two attacks.
"Although we have no technical data on what was reported by the FSB, in the public alerts issued by the Russian National Coordination Center for Computer Incidents (NCCCI), the indicators of compromised devices match exactly," said Van Horn.
Kaspersky big boss, Eugene Kaspersky believes that Kaspersky employees are not the main target of this cyber attack. He also promised to issue more complete data in the coming days.
We are quite confident that Kaspersky was not the main target of this cyberattack. The coming days will bring more clarity and further details on the worldwide proliferation of the spyware #IOSTriangulation
— Eugene Kaspersky (@e_kaspersky) June 1, 2023