 "Hackers target iPhones with unknown malware via iMessages to spy on users")
Hackers are targeting iPhones with previously unknown malware, via iMessage to, gain complete control over the iOS device and spy on users, cyber-security researchers warned on Friday.
Cybersecurity company Kaspersky discovered the mobile Advanced Persistent Threat (APT) campaign targeting iOS devices with previously unknown malware.
Dubbed as 'Operation Triangulation', the ongoing campaign distributes zero-click exploits via iMessage to run malware gaining complete control over the device and user data, with the final goal to "hiddenly spy on users".
The experts uncovered the campaign while monitoring the network traffic of its corporate Wi-Fi network.
Upon further analysis, researchers discovered the threat actor has been targeting iOS devices of dozens of company employees.
This is how the new malware campaign works.
The victim receives a message via iMessage with an attachment containing a zero-click exploit.
Without any further interaction, the message triggers a vulnerability that leads to code execution for privilege escalation and provides full control over the infected device.
Once the attacker successfully establishes its presence in the device, the message is automatically deleted.
"Further, the spyware quietly transmitted private information to remote servers: including microphone recordings, photos from instant messengers, geolocation and data about a number of other activities of the owner of the infected device," the team noted.
The attackers could only access data stored on the infected devices. Although not certain, it is believed that the attack was not targeted specifically at Kaspersky.
"As APT actors are constantly evolving their tactics and searching for new weaknesses to exploit, businesses must prioritise security of their systems.
"This involves prioritising employee education and awareness, and providing them with the latest threat intelligence and tools to effectively recognize and defend against potential threats," said Igor Kuznetsov, head of the EEMEA unit at Kaspersky Global Research and Analysis Team (GReAT).
"Our investigation of the 'Triangulation' operation continues. We expect further details on it to be shared soon, as there can be targets of this spy operation outside Kaspersky," he added.
In order to avoid falling victim to a targeted attack, update third-party software as soon as possible and do so regularly, the researchers advised.
--IANS
na/vd
(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)
You’ve reached your limit of {{free_limit}} free articles this month.
Subscribe now for unlimited access.
Already subscribed? Log in
Subscribe to read the full story →
Smart Quarterly
₹900
3 Months
₹300/Month
Smart Essential
₹2,700
1 Year
₹225/Month
Super Saver
₹3,900
2 Years
₹162/Month
Renews automatically, cancel anytime
Here’s what’s included in our digital subscription plans
Exclusive premium stories online
Over 30 premium stories daily, handpicked by our editors
Complimentary Access to The New York Times
News, Games, Cooking, Audio, Wirecutter & The Athletic
Business Standard Epaper
Digital replica of our daily newspaper — with options to read, save, and share
Curated Newsletters
Insights on markets, finance, politics, tech, and more delivered to your inbox
Market Analysis & Investment Insights
In-depth market analysis & insights with access to The Smart Investor
Archives
Repository of articles and publications dating back to 1997
Ad-free Reading
Uninterrupted reading experience with no advertisements
Seamless Access Across All Devices
Access Business Standard across devices — mobile, tablet, or PC, via web or app