Cyber attack: ‘Operation Triangulation’ can access memory, take control of iOS device, says Kaspersky


PTI, Oct 27, 2023, 11:19 AM IST

Image credit: Kaspersky

Operation Triangulation, a cyber threat targeting iOS devices, is capable of accessing the physical memory without user interaction and takes complete control over the device, cyber security firm Kaspersky said.

iOS mobile operating system has been developed by Apple for its devices including iPhones and iPads.

Kaspersky, which has presence in India, made the revelation in a research report released at the Security Analyst Summit (SAS) in Phuket. The advanced persistent threat (APT) campaign targeting iOS devices has been uncovered by Kaspersky’s Global Research and Analysis Team (GReAT).

According to the report, Operation Triangulation employs a sophisticated method of distributing zero-click exploits via iMessage, ultimately taking complete control over the device and its user data.

The company experts unveiled ”previously undisclosed details of the attack chain that took advantage of five vulnerabilities, four of which were previously unknown”, the report said.

The experts identified an initial entry point through a font processing library vulnerability. The second, an extremely powerful and trivially exploitable vulnerability in the memory mapping code allowed access to the device’s physical memory, it said.

Additionally, attackers exploited two more vulnerabilities to bypass the latest Apple processor’s hardware security features. Researches also discovered that apart from having the capability to remotely infect Apple devices through iMessage without user interaction, the attackers also had a platform to carry out attacks via the Safari web browser. This prompted the discovery and fixing of a fifth vulnerability, Kaspersky said.

”The hardware-based security features of devices with newer Apple chips significantly bolster their resilience against cyber attacks. But they are not invulnerable. Operation Triangulation serves as a reminder to exercise caution when handling iMessage attachments from unfamiliar sources,” Boris Larin, Principal Security Researcher at Kaspersky’s GReAT, said.

Drawing insights from the strategies employed in Operation Triangulation can offer valuable guidance. Also, finding a balance between system’s closeness and accessibility may contribute to an enhanced security posture, Larin said.

”While Kaspersky’s victims include company’s top and middle management as well as researchers based in Russia, Europe and META, the company was not the only target of the attack,” it said.

Kaspersky researchers have suggested updating operating system, applications and antivirus software regularly to patch any known vulnerabilities.

The experts also suggest verifying the sender’s identity before sharing any personal details or clicking on suspicious links, and remaining cautious of emails, messages, or calls asking for sensitive information.

Headquartered in Moscow, Kaspersky is a global cybersecurity and digital privacy company. Its security portfolio includes leading end-point protection, specialised security products and services, as well as cyber-immune solutions to fight sophisticated and evolving digital threats.

Udayavani is now on Telegram. Click here to join our channel and stay updated with the latest news.

Top News

Burglars decamp with cash Rs 1 crore, 300 gold sovereigns from house in Kerala

Raut demands re-election, alleges irregularities in EVMs during Maharashtra polls

Perth Test: Bumrah leads India to its biggest Test win on Australian soil

Sambhal violence: FIR against SP MP Zia-ur-Rehman Barq, SP MLA’s son

Six junior artists of Kannada film ‘Kantara’ injured in accident in Karnataka

MNS at risk of losing recognition, symbol after drawing blank in Maharashtra polls

‘Wicked’ and ‘Gladiator’ make gravity-defying theatre debuts

Related Articles More

RG Kar protests: SC orders SIT probe into custodial torture case, weekly reports before HC

Burglars decamp with cash Rs 1 crore, 300 gold sovereigns from house in Kerala

No ‘formula’ under discussion for CM’s post: Ajit Pawar

Raut demands re-election, alleges irregularities in EVMs during Maharashtra polls

Raut demands re-election, alleges irregularities in EVMs during Maharashtra polls

MUST WATCH

Coconut Flower

Prakash Belawadi

Naxal Leader Vikram Gowda

Christmas Cake Fruit Mixing

DK Shivakumar


Latest Additions

RG Kar protests: SC orders SIT probe into custodial torture case, weekly reports before HC

Dr. D. Veerendra Heggade sets record for ‘Largest Single-Man Collection of Antiques’

Rapid digital expansion to create over 1 lakh new jobs in fiber tech in India in next 5 years

Burglars decamp with cash Rs 1 crore, 300 gold sovereigns from house in Kerala

No ‘formula’ under discussion for CM’s post: Ajit Pawar

Thanks for visiting Udayavani

You seem to have an Ad Blocker on.
To continue reading, please turn it off or whitelist Udayavani.