Digital security firm Kaspersky has posted information about a recent cyberattack that targeted the iPhones of Kaspersky employees, which were infected with spyware that is part of a campaign the company dubbed “Operation Triangulation.”
Hackers were able to infect the iPhones using what Kaspersky called an “invisible iMessage with a malicious attachment” that can be activated without user interaction. Once installed, Triangulation was able to gather sensitive information (audio recordings, photos, geolocation, and more) and transmit that data to remote servers. All of this can occur without the user noticing.
In a separate, more technical post, Kaspersky points out that “the most recent version of the devices successfully targeted is iOS 15.7.” An Apple representative told Ars Technica that “there’s no indication in Kaspersky’s account that any of the exploits work on iOS versions later than 15.7.” A Kaspersky representative told Ars Technica that one of the iOS vulnerabilities was recorded as CVE-2022-46690 in the CVE.report database, which Apple fixed in iOS 16.2, according to Apple’s security notes.
Kaspersky was able to detect Triangulation with its Unified Monitoring and Analysis Platform. The company also said, “Due to the closed nature of iOS, there are no (and cannot be any) standard operating-system tools for detecting and removing this spyware on infected smartphones.” If an iPhone has had its ability to update iOS disabled, this could be an indirect indicator of a Triangulation infection.
Kaspersky has created a free utility to check an iPhone backup for a Triangulation infection. The company has full instructions on downloading and using its triangle_check utility for Mac, Linux, and Windows. The utility is a Python package, not a typical Mac app, so Mac users will need to use macOS’s Terminal app and install the pip utility in order to use Kaspersky’s tool.
iPhone viruses and malware are rare, but no device is completely invulnerable. Apple urges users to update to the most recent version of iOS that a device can support in order to ensure that the latest security patches are installed. Learn more about iPhones and viruses, and check out our guide on how to remove a virus from an iPhone or iPad.