![]() And the final malware payload would automatically download to the victim’s device before the original malicious message and attachment self-deleted. Then the attack would chain together multiple vulnerabilities to give the hackers deeper and deeper access to the target’s device. Victims received the message, which included a malicious attachment, and exploitation would begin whether victims opened the message and inspected the attachment or not. Kaspersky says the attack chain utilized “zero-click” exploitation to compromise targets’ devices by simply sending a specially crafted message to victims over Apple’s iMessage service. The campaign, which the researchers call Operation Triangulation and say is “ongoing,” appears to date back to 2019 and utilized multiple vulnerabilities in Apple’s iOS mobile operating system to let attackers take control of victim devices. In a report published today, Kaspersky said that at the beginning of the year, it detected targeted attacks against a group of iPhones after analyzing the company’s own corporate network traffic. Now it’s exposing a stealthy new intrusion campaign where Kaspersky itself was a target. ![]() ![]() The Moscow-based cybersecurity firm Kaspersky has made headlines for years by exposing sophisticated hacking by Russian and Western state-sponsored cyberspies alike.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |