Kaspersky identifies new malware campaign targeting iOS devices

By Cynthia Ezekwe

Kaspersky Lab, a multinational cybersecurity and anti-virus provider has unveiled an ongoing mobile Advanced Persistent Threat (APT) campaign targeting iOS devices with unknown malware.

The cybersecurity company headquartered in Moscow, Russia, made this known in its recent APT campaign report tagged tagged “Operation Triangulation,’’ noting that Kaspersky experts uncovered the new mobile APT campaign while monitoring the network traffic of its corporate Wi-Fi network using the Kaspersky Unified Monitoring and Analysis Platform (KUMA).

It added that upon further analysis, the company researchers discovered that the threat actor had been targeting iOS devices of dozens of company employees.

The cybersec company noted that the investigation of the malware attack is still ongoing, adding that the most recent version of the devices successfully targeted is iOS 15.7.

In light of the above, the researchers were able to identify specific artifacts that indicate the compromise, paving way to move the research forward, and identifying the general infection sequence.

“The target iOS device receives a message via the iMessage service, with an attachment containing an exploit.Without any user interaction, the message triggers a vulnerability that leads to code execution.The code within the exploit downloads several subsequent stages from the C&C server, that include additional exploits for privilege escalation.After successful exploitation, a final payload is downloaded from the C&C server, that is a fully-featured APT platform.The initial message and the exploit in the attachment is deleted,’’the report explained the sequence.

According to the report, the spyware quietly transmits private information to remote servers, including microphone recordings, photos from instant messengers, geolocation and data about a number of other activities of the owner of the infected device, while emphasising that all potential must be backed up and has to be processed by the Mobile Verification Toolkit (mvt-ios).

Commenting on the discovery,Igor Kuznetsov, head of Eastern Europe, Middle East, and Africa Unit at Kaspersky, said:

“When it comes to cyber security, even the most secure operating systems can be compromised. As APT actors are constantly evolving their tactics and searching for new weaknesses to exploit, businesses must prioritise the security of their systems.”

Kuznetsov noted that to ensure system security, organisations should prioritise employee education, and awareness and provide them with the latest threat intelligence and tools to effectively recognize and defend against potential threats.

He added that the company’s investigation of the triangulation operation continues, noting that further details on it would be shared as there could be other targets of the spy operation.

UBA Group expands global footprint with banking operations in France

CITN Organises capacity-building workshop for finance journalists

Access Bank expands African presence with acquisition of Standard Chartered Bank Angola, Sierra Leone

Black Founders Fund fuels $379m for African startups

Okonjo-Iweala secures second term as WTO DG

Global climate goals in question amid COP29’s disputed $300m finance deal

AfDB, partners plan to make Abidjan-Lagos corridor highway potent economic, industrial hub

African Sub-Sovereign government leaders, businesses meet in Kenya to discuss inclusive growth, others

NAE, STAC Marine mark one year partnership milestone with Safety & Environment agreement

FG spends N8.8bn on restoration of vandalised power towers – TCN

Port Harcourt refinery resumes production, loads petrol, kerosene, others

Nigeria’s oil production above OPEC quota – NNPC

Where are you with your financial goals?

Sustainability in aviation

Insider threats: Overlooked but dangerous

What did you take away from the American election?

Kaspersky identifies new malware campaign targeting iOS devices