Cyber attack: ‘Operation Triangulation’ can access memory, take control of iOS device, says Kaspersky

PTI, Oct 27, 2023, 11:19 AM IST

Image credit: Kaspersky

Operation Triangulation, a cyber threat targeting iOS devices, is capable of accessing the physical memory without user interaction and takes complete control over the device, cyber security firm Kaspersky said.

iOS mobile operating system has been developed by Apple for its devices including iPhones and iPads.

Kaspersky, which has presence in India, made the revelation in a research report released at the Security Analyst Summit (SAS) in Phuket. The advanced persistent threat (APT) campaign targeting iOS devices has been uncovered by Kaspersky’s Global Research and Analysis Team (GReAT).

According to the report, Operation Triangulation employs a sophisticated method of distributing zero-click exploits via iMessage, ultimately taking complete control over the device and its user data.

The company experts unveiled ”previously undisclosed details of the attack chain that took advantage of five vulnerabilities, four of which were previously unknown”, the report said.

The experts identified an initial entry point through a font processing library vulnerability. The second, an extremely powerful and trivially exploitable vulnerability in the memory mapping code allowed access to the device’s physical memory, it said.

Additionally, attackers exploited two more vulnerabilities to bypass the latest Apple processor’s hardware security features. Researches also discovered that apart from having the capability to remotely infect Apple devices through iMessage without user interaction, the attackers also had a platform to carry out attacks via the Safari web browser. This prompted the discovery and fixing of a fifth vulnerability, Kaspersky said.

”The hardware-based security features of devices with newer Apple chips significantly bolster their resilience against cyber attacks. But they are not invulnerable. Operation Triangulation serves as a reminder to exercise caution when handling iMessage attachments from unfamiliar sources,” Boris Larin, Principal Security Researcher at Kaspersky’s GReAT, said.

Drawing insights from the strategies employed in Operation Triangulation can offer valuable guidance. Also, finding a balance between system’s closeness and accessibility may contribute to an enhanced security posture, Larin said.

”While Kaspersky’s victims include company’s top and middle management as well as researchers based in Russia, Europe and META, the company was not the only target of the attack,” it said.

Kaspersky researchers have suggested updating operating system, applications and antivirus software regularly to patch any known vulnerabilities.

The experts also suggest verifying the sender’s identity before sharing any personal details or clicking on suspicious links, and remaining cautious of emails, messages, or calls asking for sensitive information.

Headquartered in Moscow, Kaspersky is a global cybersecurity and digital privacy company. Its security portfolio includes leading end-point protection, specialised security products and services, as well as cyber-immune solutions to fight sophisticated and evolving digital threats.