Operation Triangulation
While monitoring the network traffic of our own corporate Wi-Fi network using the Kaspersky Unified Monitoring and Analysis Platform (KUMA), we discovered a previously unknown mobile APT campaign targeting iOS devices. The targets are infected using zero-click exploits via the iMessage platform, and the malware runs with root privileges, gaining complete control over the device and user data. We are calling this campaign “Operation Triangulation”.
This is an ongoing investigation, the amount of material we collected is substantial and will take time to analyze. Given the complexity of the attack, we are confident that we are not the only target, and invite everyone to join the research. If you have any additional details to share, please contact us: triangulation[at]kaspersky.com
Reports
GOFFEE continues to attack organizations in Russia
Kaspersky researchers analyze GOFFEE’s campaign in H2 2024: the updated infection scheme, new PowerModul implant, switch to a binary Mythic agent.
Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain
Kaspersky GReAT experts discovered a complex APT attack on Russian organizations dubbed Operation ForumTroll, which exploits zero-day vulnerabilities in Google Chrome.
SideWinder targets the maritime and nuclear sectors with an updated toolset
In this article, we discuss the tools and TTPs used in the SideWinder APT’s attacks in H2 2024, as well as shifts in its targets, such as an increase in attacks against the maritime and logistics sectors.
EAGERBEE, with updated and novel components, targets the Middle East
Kaspersky researchers analyze EAGERBEE backdoor modules, revealing a possible connection to the CoughingDown APT actor.
Subscribe to our weekly e-mails
The hottest research right in your inbox
