A serious threat to iOS devices!

This week, a colleague of mine alerted me to a warning about a new iOS zero-click attack. Thank you, Rhonda Jenkins.

This previously unknown advanced persistent threat (APT) is targeting iOS devices as part of a sophisticated and long-running mobile campaign known as Operation Triangulation, which began in 2019.

According to Kaspersky, a Russian cybersecurity company, the targets are infected using zero-click exploits via the iMessage platform, and the malware runs with root privileges, gaining complete control over the device and user data.

Kaspersky discovered traces of compromise after creating offline backups of the targeted devices.

The attack chain begins with the iOS device receiving a message via iMessage that contains an attachment bearing the exploit.

The exploit is said to be zero-click, meaning the vulnerability is triggered without requiring any user interaction to achieve code execution.

The exploit is also configured to retrieve additional payloads for privilege escalation and to drop a final-stage malware, fetched from a remote server, that Kaspersky described as a "fully-featured APT platform."

The implant, which runs with root privileges, is capable of harvesting sensitive information and is equipped to run code that is downloaded as plugin modules from the server.

In the final phase, both the initial message and the exploit in the attachment are deleted to erase any traces of the infection.

Kaspersky said, "The malicious toolset does not support persistence, most likely due to the limitations of the [operating system]. The timelines of multiple devices indicate that they may be reinfected after rebooting."

The exact scale and scope of the campaign remain unclear, but the company said the attacks are ongoing, with successful infections penetrating devices running iOS 15.7, which was released on September 12, 2022.

Although iOS devices are less likely to be attacked, they are not immune to attack. For most people, their entire lives are on their mobile devices, and with over 5.22 billion users, of which around 20% are iOS users, it is essential that we take iOS protection seriously.

If you're worried about your organisation's mobile security, please get in touch for a free, no-obligation discussion with our expert team.

Have a great weekend
