Kaspersky identifies new malware campaign targeting iOS devices

Animashaun Luther

By Cynthia Ezekwe

Kaspersky Lab, a multinational cybersecurity and anti-virus provider, has unveiled an ongoing mobile Advanced Persistent Threat (APT) campaign targeting iOS devices with previously unknown malware.

The cybersecurity company, headquartered in Moscow, Russia, made this known in its recent APT campaign report tagged “Operation Triangulation,” noting that Kaspersky experts uncovered the new mobile APT campaign while monitoring the network traffic of its corporate Wi-Fi network using the Kaspersky Unified Monitoring and Analysis Platform (KUMA).

It added that upon further analysis, the company's researchers discovered that the threat actor had been targeting the iOS devices of dozens of company employees.

The cybersecurity company noted that the investigation of the malware attack is still ongoing, adding that the most recent version of the devices successfully targeted is iOS 15.7.

The researchers were able to identify specific artifacts that indicate compromise, which allowed the research to move forward and the general infection sequence to be identified.

“The target iOS device receives a message via the iMessage service, with an attachment containing an exploit. Without any user interaction, the message triggers a vulnerability that leads to code execution. The code within the exploit downloads several subsequent stages from the C&C server, that include additional exploits for privilege escalation. After successful exploitation, a final payload is downloaded from the C&C server, that is a fully-featured APT platform. The initial message and the exploit in the attachment is deleted,” the report explained the sequence.

According to the report, the spyware quietly transmits private information to remote servers, including microphone recordings, photos from instant messengers, geolocation and data about a number of other activities of the owner of the infected device, while emphasising that all potential must be backed up and has to be processed by the Mobile Verification Toolkit (mvt-ios).

Commenting on the discovery, Igor Kuznetsov, head of Eastern Europe, Middle East, and Africa Unit at Kaspersky, said:

“When it comes to cyber security, even the most secure operating systems can be compromised. As APT actors are constantly evolving their tactics and searching for new weaknesses to exploit, businesses must prioritise the security of their systems.”

Kuznetsov noted that to ensure system security, organisations should prioritise employee education and awareness, and provide employees with the latest threat intelligence and tools to effectively recognize and defend against potential threats.

He added that the company’s investigation of the triangulation operation continues, noting that further details would be shared, as there could be other targets of the spy operation.
