Brace yourselves, iPhone users, as a new and unprecedented threat looms large the Operation Triangulation iPhone attack. In this blog post, experts shed light on the intricacies of this highly sophisticated assault, offering essential insights to fortify your device against potential vulnerabilities. Stay ahead, stay secure.
Operation Triangulation, the most sophisticated iPhone attack ever detected, uses a hidden hardware feature to open a backdoor into iOS. The most important question is how hackers know about this hidden feature that no one else knows about.
Apple users see fewer of the malware notifications that keep popping up on Android, including apps that Google has since banned. But the iPhone’s improved security doesn’t mean hackers have given up on the platform.
The Pegasus attack, which used the iMessage app to infect phones without the recipient even having to tap a link, was a stark reminder of this a few years ago. Apple released a patch against the Pegasus attacks, but that hasn’t stopped attackers from looking for more vulnerabilities in the iPhone and other devices.
Operation Triangulation
Operation Triangulation, discovered by Kaspersky researchers in Russia, is the latest iPhone attack and has been described as the “most sophisticated” iPhone attack ever discovered. It also uses a zero-day iMessage attack like Pegasus, as well as three other vulnerabilities to access the iPhone’s backdoor privileges. Interestingly, one of these vulnerabilities involves a hidden hardware feature of the iPhone that the researchers were unable to disclose.
However, it’s worth noting that this iPhone attack was used by a highly sophisticated organisation to spy on anonymous political figures. So we’re not talking about a malware attack designed to empty the bank accounts of random iPhone users, or a malware attack targeting ordinary users. Although the vulnerabilities have been exploited for four years, these attacks were not aimed at mass distribution. In addition, this operation may no longer be active as Apple has closed the vulnerabilities in question.
As reported by Ars Technica, this operation was first discovered in June. As with the Pegasus attack, the attackers sent malicious data via iMessage texts.
Russian officials have blamed the US National Security Agency for the attack, saying that thousands of people working at diplomatic missions and embassies in Russia may have been infected, but no evidence has been provided to support this claim. Kaspersky, whose own employees were also affected, has been investigating the attack ever since, but has yet to pinpoint the culprit.
The attackers are still unknown
As Kaspersky researcher Boris Larin told Ars Technica, the attackers have not yet been identified, but Kaspersky’s latest discovery concerns an undocumented hidden hardware feature of the iPhone. While the attackers somehow managed to exploit a vulnerability in this hardware feature, it is unclear how they knew of its existence before attempting to hack it.
The hackers appear to have exploited hardware-based memory protections designed to protect the iPhone from attack even if an attacker can access the device’s core memory. Under normal circumstances, these protections should prevent attackers from taking control of the phone.
However, the attackers in this operation abused the hidden hardware feature to bypass this protection. One of the questions Kaspersky cannot answer is how the hackers knew about this feature, which was probably used by Apple engineers or the factory for debugging or testing purposes.
