Leading cybersecurity and antivirus company Kaspersky has discovered a new cyberattack threat that targets iPhone models running older versions of iOS via the iMessage app. The malware, found when the company was monitoring its own Wi-Fi network for mobile devices, infects the phone via a received iMessage, which contains a malicious attachment. The threat does not require the iPhone user to do anything and uses the vulnerability in iOS to install spyware that takes full control of the device and the user’s data.
according to a report Based on its findings published by Kaspersky, the malicious attachment sent via iMessage executes code without requiring any user action. The malicious code then runs a set of commands to collect private data from the user.
Kaspersky CEO Eugene Kaspersky tweeted about the iOS hack, detailing that the spyware extracts private information, such as microphone recordings, instant messaging photos, geolocation and other data, and transmits it to remote servers. The firm has dubbed the cyberattack threat “Operation Triangulation.”
We have discovered a new cyberattack against iOS called Triangulation.
The attack starts with iMessage with a malicious attachment that, using a number of vulnerabilities in iOS, installs spyware. No user action is required.#IOSTriangulation pic.twitter.com/daxEYZwXwD
— Eugenio Kaspersky (@e_kaspersky) June 1, 2023
Kaspersky said the malware was found on the iPhones of dozens of employees and could also target other iPhone users. He also added that the threat had been neutralized and details of the vulnerability were sent to Apple. The CEO also noted that disabling the iMessage service would prevent the attack on vulnerable iOS devices.
The company said that after the malware is successfully installed on the device, the initial text and accompanying exploit in the iMessage attachment are removed. The Kaspersky report said that the attack was ongoing and that iOS 15.7 was the most recent version among the devices that were successfully attacked. iPhone models running iOS 16 appear to be safe from the threat, but Kaspersky mentioned in the comments section of his report that they couldn’t guarantee that other iOS versions would be safe.
On Friday, Kaspersky also released tools for users to check if their device is infected.
In February, Apple released updates that fixed major vulnerabilities with iOS 16.3 and macOS 13.2 for supported iPhone, iPad, and Mac models. At the time, Apple credited the researchers with finding the flaws that allowed a remote user to bypass the protections implemented by Apple and gain access to a user’s personal data, as well as their camera, microphone, and call history.