%20(1).png)
Kaspersky Lab, a leading cybersecurity and anti-virus outfit, has uncovered a new cyberattack danger that targets iPhone devices running earlier versions of iOS via the iMessage app. The virus, discovered while monitoring the company's own Wi-Fi network for mobile devices, infects the phone via a received iMessage with a malicious attachment. The attack requires no action from the iPhone user and takes advantage of an iOS weakness to install malware that takes total control of the device and user data.
According to a study issued by Kaspersky on their discoveries, the malicious file transmitted via iMessage executes a code without the user's intervention. The malicious code then executes a series of commands to harvest confidential user data.
Eugene Kaspersky, CEO of Kaspersky Lab, tweeted about the iOS malware, describing how the spyware collects private information such as microphone recordings, images from instant messengers, geolocation, and other data and sends it to distant servers. The company has termed the hacking threat "Operation Triangulation."
We've discovered a new cyberattack against iOS called Triangulation.
— Eugene Kaspersky (@e_kaspersky) June 1, 2023
The attack starts with iMessage with a malicious attachment, which, using a number of vulnerabilities in iOS installs spyware. No user action is required.#IOSTriangulation pic.twitter.com/daxEYZwXwD
According to Kaspersky, the virus was discovered on the iPhones of hundreds of employees and might infect other iPhone users as well. He also stated that the danger had been eliminated and that information about the vulnerability had been conveyed to Apple. The CEO also stated that by stopping the iMessage service, vulnerable iOS devices would be protected from the assault.
The original text and the associated exploit in the iMessage message are removed when the virus is successfully installed on the device, according to the business. According to Kaspersky, the assault is still active, and iOS 15.7 was the most current version among the devices successfully attacked. iPhone devices running iOS 16 looked to be protected from the danger, however Kaspersky stated in the report's comments section that other iOS versions could not be guaranteed to be safe.
Kaspersky also launched tools on Friday to help consumers determine whether their device was affected.
Apple provided patches in February that resolved critical vulnerabilities in iOS 16.3 and macOS 13.2 for compatible iPhone, iPad, and Mac devices. Apple recognised the researchers who discovered the holes that let a remote user to circumvent Apple's security measures and obtain access to a user's personal data as well as their camera, microphone, and call history at the time.