#OperationTriangulation

‘Operation Triangulation’ Spyware Attackers Bypass iPhone Memory Protections

December 29, 2023 by Xynik

December 29, 2023 at 11:21AM The “Operation Triangulation” spyware attack bypassed iPhone memory protections using undocumented Apple chip functions and multiple vulnerabilities. The zero-click campaign targeted iMessage, exploited an RCE vulnerability, and used intricate, multi-stage attacks to gain privileged access and install spyware, presenting an unprecedented level of sophistication in iPhone cyber threats. Kaspersky recommends … Read more

Kaspersky reveals previously unknown hardware ‘feature’ used in iPhone attacks

December 28, 2023 by Xynik

December 28, 2023 at 10:54AM Kaspersky’s GReAT team uncovered a hidden iPhone feature, exploited through CVE-2023-38606, allowing attackers to evade memory protection. The issue affected iPhones on iOS up to 16.6 and may have been for testing or debugging. The team’s thorough analysis revealed a sophisticated attack vector, demonstrating how even advanced hardware protection can … Read more

Most Sophisticated iPhone Hack Ever Exploited Apple’s Hidden Hardware Feature

December 28, 2023 by Xynik

December 28, 2023 at 06:42AM The Operation Triangulation spyware targeting Apple iOS devices utilized unprecedented exploits to bypass hardware-based security. The sophisticated attack, active since 2019, used four zero-day flaws to gain access to iOS devices and gather sensitive information. Patches were released by Apple, with 20 zero-days resolved this year. A particular vulnerability, CVE-2023-38606, … Read more

iPhone Triangulation attack abused undocumented hardware feature

December 27, 2023 by Xynik

December 27, 2023 at 09:20AM The Operation Triangulation spyware campaign targeted iPhone devices by exploiting four zero-day vulnerabilities, allowing attackers to gain control over the devices without user interaction. Kaspersky analysts discovered this highly sophisticated attack chain and found that attackers leveraged undocumented hardware features in Apple chips to bypass security protections. The origin of … Read more

Apple drops urgent patch against obtuse TriangleDB iPhone malware

October 26, 2023 by Xynik

October 26, 2023 at 05:22PM Apple released a security update to fix a vulnerability, tracked as CVE-2023-32434, that has already been exploited by cyber snoops. This flaw allowed the execution of arbitrary code with kernel privileges. It is the second patch issued by Apple to address this vulnerability. Kaspersky researchers discovered the bug and reported … Read more

Stealth Techniques Used in ‘Operation Triangulation’ iOS Attack Dissected

October 24, 2023 by Xynik

October 24, 2023 at 03:03PM Kaspersky has released a report detailing the iOS zero-click attacks it suffered. Dubbed ‘Operation Triangulation’, the attacks used malicious iMessage attachments to exploit a zero-day vulnerability and deploy spyware named TriangleDB. The attackers implemented stealth techniques to avoid detection, including using two validators to collect device information and ensure the … Read more

Operation Triangulation: Experts Uncover Deeper Insights into iOS Zero-Day Attacks

October 24, 2023 by Xynik

October 24, 2023 at 05:45AM The TriangleDB implant used in Operation Triangulation targets Apple iOS devices. It includes modules to record audio, steal data from apps, and determine the victim’s location. The attack utilizes zero-click exploits through iMessage attachments and employs various validators to avoid being detected. The identity of the threat actor remains unknown, … Read more