The cybersecurity community has warned of a new cyberattack targeting Apple mobile devices. The attack, “triangulation”, is a sophisticated scheme that secretly hacks into the iPhones of some employees, including those in the Web 3 sector, and explicitly targets middle and upper management employees.
Exploiting vulnerabilities in the Apple operating system
This attack exploits vulnerabilities in the iOS operating system and involves sending a hidden iMessage with a malicious payload. When a device is successfully triangulated, the malware installs itself without the user’s knowledge or consent.
This malicious malware records and transmits audio, video, and other data from the user’s microphone, instant messenger, and location services to remote servers.
Kaspersky’s Unified Analysis and Analysis (KUMA) platform, a vital security intelligence and event management tool, made it possible to detect this complex malware.
After discovering network wrongdoings from Apple devices, KUMA helped cybersecurity researchers discover triangulation malware on several iPhones belonging to high-ranking employees.
Unfortunately, the closed iOS environment does not have built-in malware detection and removal tools. To combat this covert attack, other technologies are needed.
In response to the critical need for early detection and correction, security researchers have created a specialized tool called “triangle_check”.
Once it has been extensively tested, this tool will be made available free of charge to help find signs of compromise in backups produced from Apple devices.
Removing malware from iPhones without compromising users’ private information remains a challenge. Currently the only solution available is to reset the affected device to factory settings and reinstall the latest operating system and user environment.
Failure to take these steps may lead to triangle exploiting vulnerabilities in older iOS versions and infecting the device again.
Potential impact on cryptocurrency holders
The cryptocurrency industry is under threat due to possible hacking of iPhones used by cryptocurrency users.
This raises concerns about the security and privacy of crypto transactions, as attackers can exploit leaked private information such as geolocation data and messages to steal cryptocurrencies from wallets, breach transaction security, or even steal identities.
Given the risks, companies must implement strict cyber security measures and maintain a high vigil. The chance of falling prey to Triangulation and similar complex cyber attacks targeting the crypto ecosystem may be reduced by regularly upgrading iOS devices to the latest version, using multi-factor authentication, and practicing basic security rules.